[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Tor 0.2.2.19-alpha is out

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Tor 0.2.2.19-alpha is out
From: Andrew Lewman <andrew@xxxxxxxxxxxxxx>
Date: Thu, 2 Dec 2010 20:58:48 -0500
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Thu, 02 Dec 2010 20:59:00 -0500
In-reply-to: <4CF52575.6060306@xxxxxxxxx>
Organization: The Tor Project, Inc.
References: <20101125234122.GJ3166@xxxxxxxxxxxxxx> <4CF2C1ED.90904@xxxxxxxxx> <20101128215535.GA24355@xxxxxxxxxxxxxx> <4CF52575.6060306@xxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Tue, 30 Nov 2010 16:25:25 +0000
Matthew <pumpkin@xxxxxxxxx> wrote:
> In System / Administration / Software Sources / Authentication there
> is an deb.torproject.org archive signing key dated 2009-09-04 with
> the value 886DDD89.

This is correct.

> Am I correct to think that this key sufficient to verify updates when
> using sources.list. 

This is correct.

> Also, who exactly owns 886DDD89?  Is it a specific person or for 
> torproject.org as a whole?

If you gpg --list-sigs 0x886DDD89  You can see who signed the key.  It
is a role key that the packagers use to sign the builds, rather than
using their own personal keys.  It is up to you if you trust the key
and those who signed it implying validity.

-- 
Andrew
pgp 0x74ED336B
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

Prev by Author: Re: Tor-node failed
Next by Author: Re: Tor & Email?
Previous by thread: Re: Active Attacks - Already in Progress?
Next by thread: Re: Help me diagnose my Tor blocked/censored ISP!
Index(es):
- Author
- Thread