[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] TBB 3.5.3 signatures messing

To: <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: [tor-talk] TBB 3.5.3 signatures messing
From: unknown <unknown@xxxxxxxxx>
Date: Thu, 20 Mar 2014 16:46:02 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 20 Mar 2014 12:56:52 -0400
Gpg-key-fingerprint: EE1E 6772 92A7 F9F1 F1DE 326B 9153 691B 8058 5959
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Organization: PGPru.com
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: unknown

I download the files:

https://www.torproject.org/dist/torbrowser/3.5.3/sha256sums.txt
https://www.torproject.org/dist/torbrowser/3.5.3/sha256sums.txt-mikeperry.asc
https://www.torproject.org/dist/torbrowser/3.5.3/tor-browser-linux64-3.5.3_en-US.tar.xz.asc
https://www.torproject.org/dist/torbrowser/3.5.3/tor-browser-linux64-3.5.3_en-US.tar.xz

Previous version files are missing:

sha256sums.txt-erinn.asc
sha256sums.txt-linus.asc


I run the script:

########
#! /bin/bash

echo "" | cat - > file.txt

sha256sum -c sha256sums.txt 2>&1 | grep OK >> file.txt

echo >> file.txt

for a in sha256*.asc ; do 
 gpg --verify $a sha256sums.txt >> file.txt 2>&1 ; 
 echo >> file.txt
done

echo >> file.txt

gpg --verify tor-browser-linux64*.asc >> file.txt 2>&1

echo >> file.txt
#########

Running less file.txt I can see a singnatures mess: 

gpg: Signature made Wed 19 Mar 2014 09:25:30 PM MSK using RSA key ID 63FEE659
gpg: Good signature from "Erinn Clark <erinn@xxxxxxxxxxxxxx>"
gpg:                 aka "Erinn Clark <erinn@xxxxxxxxxx>"
gpg:                 aka "Erinn Clark <erinn@xxxxxxxxxxxxxxxx>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8738 A680 B84B 3031 A630  F2DB 416F 0610 63FE E659


gpg: Signature made Wed 19 Mar 2014 09:26:01 PM MSK using RSA key ID 63FEE659
gpg: Good signature from "Erinn Clark <erinn@xxxxxxxxxxxxxx>"
gpg:                 aka "Erinn Clark <erinn@xxxxxxxxxx>"
gpg:                 aka "Erinn Clark <erinn@xxxxxxxxxxxxxxxx>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8738 A680 B84B 3031 A630  F2DB 416F 0610 63FE E659

I check "mikeperry" signature manually:

gpg --verify sha256sums.txt-mikeperry.asc sha256sums.txt

gpg: Signature made Wed 19 Mar 2014 09:25:30 PM MSK using RSA key ID 63FEE659
gpg: Good signature from "Erinn Clark <erinn@xxxxxxxxxxxxxx>"
gpg:                 aka "Erinn Clark <erinn@xxxxxxxxxx>"
gpg:                 aka "Erinn Clark <erinn@xxxxxxxxxxxxxxxx>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 8738 A680 B84B 3031 A630  F2DB 416F 0610 63FE
E659

Why Mike Perry signature displayed as Erinn?
Where is the other signatures? 
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] TBB 3.5.3 signatures messing
  - From: unknown

Prev by Author: Re: [tor-talk] traffic down
Next by Author: Re: [tor-talk] TBB 3.5.3 signatures messing
Previous by thread: Re: [tor-talk] Fw: Tor implementation in JavaScript / FirefoxOS
Next by thread: Re: [tor-talk] TBB 3.5.3 signatures messing
Index(es):
- Author
- Thread