For those who haven't been following, check out https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it You should pay special attention if you're in an environment where your ISP (or your government!) might try a man-in-the-middle attack on your interactions with https://www.torproject.org/. We stepped up our schedule for switching the Tor Browser Bundle to Firefox 6 (which we can build from source on all platforms, and thus remove the offending CA ourselves). New bundles are out now: https://blog.torproject.org/blog/new-tor-browser-bundles-4 Perhaps now is a great time for you to learn how to verify the signatures on Tor packages you download: https://www.torproject.org/docs/verifying-signatures --Roger
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk