[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Problems? Verifying signatures in Tor 4.0.4

On Mon, Mar 2, 2015, at 12:51 PM, andre76@xxxxxxxxxxx wrote:

> Here's the output from terminal;
> $ gpg --verify tor-browser-linux32-4.0.4_en-US.tar.xz.asc
> tor-browser-linux32-4.0.4_en-US.tar.xz
> gpg: Signature made Wed 25 Feb 2015 02:54:55 AM EST using RSA key ID
> F65C2036
> gpg: BAD signature from "Tor Browser Developers (signing key)
> <torbrowser@xxxxxxxxxxxxxx>"
> Are these files good or bad and not to be trusted? If not to be trusted
> which aren't to be trusted?

One or other (or the key) is corrupted: try taking the md5 of each to
see which.
md5 tor-browser-linux32-4.0.4_en-US.tar.xz
md5 tor-browser-linux32-4.0.4_en-US.tar.xz.asc

http://www.fastmail.com - Email service worth paying for. Try it for free

tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to