[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Tor 0.2.2.19-alpha is out
On Tue, 30 Nov 2010 16:25:25 +0000
Matthew <pumpkin@xxxxxxxxx> wrote:
> In System / Administration / Software Sources / Authentication there
> is an deb.torproject.org archive signing key dated 2009-09-04 with
> the value 886DDD89.
This is correct.
> Am I correct to think that this key sufficient to verify updates when
> using sources.list.
This is correct.
> Also, who exactly owns 886DDD89? Is it a specific person or for
> torproject.org as a whole?
If you gpg --list-sigs 0x886DDD89 You can see who signed the key. It
is a role key that the packagers use to sign the builds, rather than
using their own personal keys. It is up to you if you trust the key
and those who signed it implying validity.
--
Andrew
pgp 0x74ED336B
***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/