[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] Problems? Verifying signatures in Tor 4.0.4

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-talk] Problems? Verifying signatures in Tor 4.0.4
From: andre76@xxxxxxxxxxx
Date: Thu, 26 Feb 2015 14:02:44 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 26 Feb 2015 08:03:00 -0500
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=fastmail.fm; h= message-id:x-sasl-enc:from:to:mime-version :content-transfer-encoding:content-type:subject:date; s=mesmtp; bh=fWjHh9BbxAReWyeSXh/Xl3yKyD0=; b=a+z87BP3gYm8jg7ymU/ASHQH/G07 RPHL/RFWdzXCBEHOnoWH4P9DW+BucqcqSVVo77eXPQAplH1M6itMlq1FZ1V5WgSF GGHVw06tbtyN8n6zc9wvy3YXlFkybNAWawIX4xxBdcGzFFtCW3UQTeLQ+tn97Z/3 TRIMd+z6A4o9Fa8=
Dkim-signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:x-sasl-enc:from:to :mime-version:content-transfer-encoding:content-type:subject :date; s=smtpout; bh=fWjHh9BbxAReWyeSXh/Xl3yKyD0=; b=adI8NbOsBGy ZpylX2K7khJICpSB1XocLacSNppJ0le27xEgRxy3OvxxBsaWS6UOPpxLpwmxot3i p0/3OwE3D5vZ78DHFEhNeAH/QLc5sFNk/Ml2Q1zu99ZG7161CkatRYtjeZVekUlV bZ/V5o9lidjV29y3S/p84CAB+vgfLe6c=
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Is there anything that's wrong about the gpg verification performed on
the version 4.0.4 as seen in the text below?
It's quite different from previous Tor versions. No Erinn Clark.



$ gpg --verify tor-browser-linux32-4.0.4_en-US.tar.xz.asc                
gpg: Signature made Wed 25 Feb 2015 02:54:55 AM EST using RSA key ID
F65C2036
gpg: Good signature from "Tor Browser Developers (signing key)
<torbrowser@xxxxxxxxxxxxxx>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the
owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329
8290
     Subkey fingerprint: 5242 013F 02AF C851 B1C7  36B8 7017 ADCE F65C
     2036

-- 
http://www.fastmail.com - Does exactly what it says on the tin

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Problems? Verifying signatures in Tor 4.0.4
  - From: Alexandros
- Re: [tor-talk] Problems? Verifying signatures in Tor 4.0.4
  - From: Nicolas Vigier
- [tor-talk] Tor Browser Developers (signing key) key signing request (Was "Re: Problems? Verifying signatures in Tor 4.0.4")
  - From: Richard Johnson
- Re: [tor-talk] Problems? Verifying signatures in Tor 4.0.4
  - From: Simon Nicolussi

Prev by Author: [tor-talk] CloudFlare fingerprinting
Next by Author: Re: [tor-talk] Problems? Verifying signatures in Tor 4.0.4
Previous by thread: Re: [tor-talk] git: application level leaks and best practices?
Next by thread: Re: [tor-talk] Problems? Verifying signatures in Tor 4.0.4
Index(es):
- Author
- Thread