I notice that 0.2.1.27 was
downloaded today by the Synaptic Update Manager. Thanks for
creating it. |
I have a question about the procedure for verifying signatures.
My sources.list file contains: deb http://deb.torproject.org/torproject.org lucid main
System / Administration / Software Sources / Other Software also lists http://deb.torproject.org/torproject.org lucid main
In System / Administration / Software Sources / Authentication there is an deb.torproject.org archive signing key dated 2009-09-04 with the value 886DDD89.
Am I correct to think that this key sufficient to verify updates when using sources.list. My impression is that the page https://www.torproject.org/docs/verifying-signatures.html.en refers to verifying files that have been manually downloaded (rather than through Update Manager).
Also, who exactly owns 886DDD89? Is it a specific person or for torproject.org as a whole?
On 28/11/10 21:55, andrew@xxxxxxxxxxxxxx wrote:
On Sun, Nov 28, 2010 at 08:56:13PM +0000, pumpkin@xxxxxxxxx wrote 5.4K bytes in 125 lines about: : I am curious how to get 0.2.1.27 in the preferred way when using : Ubuntu. Thanks! You are doing it correctly. Packages for ubuntu/debian for 0.2.1.27 aren't created yet. We announce the source release before the binary packages we create are available. It's generally a few days from source release to binary package availability. The exception here is OS X PPC, which lacks a build machine right now.