[tor-talk] TBB 7.5.5 detached .asc file isn't encrypted or tar

[Joe <joebtfsplk@xxxxxxx>]

The detached .asc signature file for linux-64 is 
"tor-browser-linux64-7.5.5_en-US.tar.xz.asc"
GPG complains it can't verify:

gpg: can't open `tor-browser-linux64-7.5.5_en-US.tar.xz.asc'
gpg: verify signatures failed: file open error

Was a different key used to sign TBB 7.5.5 (linux64) than used for 7.5.3?

Note: it says "can't open the .asc file," not that it's a bad signature.
The files are in the same directory in my ~/Downloads directory.
TBB D/L version 7.5.3 verifies OK with the .asc file on Tor Project's 
D/L page.  I checked it again today, using the same GPG version on my 
system.

I'm not sure if it has to do with the GnuPG version that Tor Project 
used to sign the file & create the detached signature and my gpg 
version, 1.4.20, or another key that I don't have was used to sign this 
time ?

The TBB 7.5.5 .asc file (nor v7.5.3) doesn't show the GnuPG version used 
, like often seen in other .asc files, e.g., "Version: GnuPG v2.0.14."

I verify signed files all the time (that used GnuPG 2.0.x to sign) & GPG 
never complained it "couldn't open a signature file" with the same 
naming convention as the v7.5.5 program file and its .asc file.





--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk