[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Verification of Package Files When Using Sources.List.

To: or-talk@xxxxxxxxxxxxx
Subject: Verification of Package Files When Using Sources.List.
From: Matthew <pumpkin@xxxxxxxxx>
Date: Sun, 02 Jan 2011 23:33:48 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sun, 02 Jan 2011 18:38:55 -0500
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.8) Gecko/20100802 Thunderbird/3.1.2

I did post this before in November but got no responses. Hopefully this wasn't because the question was so dumb.

-------------

My /etc/apt/sources.list contains:

deb http://deb.torproject.org/torproject.org lucid main

In the "authentication" section of my "software sources" I have a deb.torproject.org archive signing key dated 2009-09-04 with a value 886DDD89.

I was looking at the page which explains how to verify signatures for downloads: https://www.torproject.org/docs/verifying-signatures.html.en

If one is not directly downloading but using the sources.list file is the "authentication" section adequate to verify the validity of the downloads?

Thanks

Follow-Ups:
- Re: Verification of Package Files When Using Sources.List.
  - From: Justin Aplin

Prev by Author: Re: Polipo starts on bootup
Next by Author: Re: Tor and google groups
Previous by thread: Re: Key length and PK algorithm of TOR
Next by thread: Re: Verification of Package Files When Using Sources.List.
Index(es):
- Author
- Thread