[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Problem about verify signatures




나의 iPhone에서 보냄

2013. 2. 24. 7:41 PM Fabian Keil <freebsd-listen@xxxxxxxxxxxxx> wrote:

> Nam Su <namfree123@xxxxxxxxx> wrote:
> 
>> When I tried to verify signatures with GPA, gpg frontend, it was failed.
>> I download Tor packages in torproject.org https version.
>> 
>> Strangely, when I tried to verify with GPG command line, it was success. 
> 
> Using gpg directly seems to be the recommended way:
> https://www.torproject.org/docs/verifying-signatures.html.en
> 
>> Is it tor's asc file problem? Or is it GPA bug so should I report this
>> problem to GPA project? My feeling is like headache.
> 
> Without knowing the error message you got from GPA it's impossible
> to tell what's going on and reporting any problem to the GPA project
> is probably premature.
> 
> I'm not familiar with GPA but as long as gpg itself confirms that
> the signature is valid and the gpg binary came from a trustworthy
> source, I wouldn't worry about the GPA issue unless the error message
> explicitly tells you that the signature is invalid and not just that
> it can't be verified (for example due to missing the public key).

Error message was bad signature. I guess GPA may be able to only verify when Sign is in signed file.

Thanks your advise


> 
> Fabian
> _______________________________________________
> tor-talk mailing list
> tor-talk@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk