[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Where is the tor signing key?

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Where is the tor signing key?
From: bo0od <bo0od@xxxxxxxxxx>
Date: Wed, 23 Dec 2020 14:50:13 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 23 Dec 2020 09:50:43 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1608735029; bh=CiVojnhyw88pDVhZlBRjh1/f0XwqctCuspHgSnmuJlI=; h=Subject:To:References:From:Date:In-Reply-To:From; b=k5cm8XqmeVjqiisA5wwoGZUnw0pcdGTEOspt6j2zMEPZJ2teglr8oaOcpDNDaBNQD NO6wDzhKEGMZMslEiwidgwXSLwQwWxjyyafV9HiWH1tu9gbl3rwG8u15RE088K9cNN A8H2hsDFEpMvFk9OJdxFjKdgzTXnqaaXmvsycJNQ=
In-reply-to: <20201210162726.krojztyvmrmd4xhe@localhost>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <87wnxq6mrx.fsf@yandex.com> <20201210162726.krojztyvmrmd4xhe@localhost>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Just followed the instructions mentioned inhttps://support.torproject.org/tbb/how-to-verify-signature/ working goodnow.


Matthew Finkel:

On Thu, Dec 10, 2020 at 09:19:46AM +0000, Colin Baxter wrote:


The URL https://support.torproject.org/tbb/how-to-verify-signature/
gives the impression that the signing key email address is
torbrowser@xxxxxxxxxxxxxx. However

  gpg2 --search-keys torbrowser@xxxxxxxxxxxxxx <RET>

gives

gpg: key "torbrowser@xxxxxxxxxxxxxx" not found on keyserver.

What's the correct email address for the signing key?


torbrowser@xxxxxxxxxxxxxx is the correct email address, but you may be
querying the wrong server. On the page you referenced there is a section
for this:

"""""""
Fetching the Tor Developers key

The Tor Browser team signs Tor Browser releases. Import the Tor Browser
Developers signing key (0xEF6E286DDA85EA2A4BA7DE684E2C6E8793298290):

gpg --auto-key-locate nodefault,wkd --locate-keys torbrowser@xxxxxxxxxxxxxx
"""""""

The key is available on keys.openpgp.org, as well, if you need it from
another key server:

https://keys.openpgp.org/search?q=torbrowser%40torproject.org

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Where is the tor signing key?
  - From: Colin Baxter
- Re: [tor-talk] Where is the tor signing key?
  - From: Matthew Finkel

Next by Author: [tor-talk] Where is the tor signing key?
Previous by thread: Re: [tor-talk] Where is the tor signing key?
Next by thread: [tor-talk] A 2nd Tor Browser (partial) profile?
Index(es):
- Author
- Thread