[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-bugs] #31296 [Webpages/Support]: simplify OpenPGP signature verification instructions

To: undisclosed-recipients: ;
Subject: Re: [tor-bugs] #31296 [Webpages/Support]: simplify OpenPGP signature verification instructions
From: "Tor Bug Tracker & Wiki" <blackhole@xxxxxxxxxxxxxx>
Date: Fri, 13 Sep 2019 23:14:45 -0000
Auto-submitted: auto-generated
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 13 Sep 2019 19:14:55 -0400
In-reply-to: <043.65722a57ffe0b04c6a17f59fe5a073bf@torproject.org>
List-archive: <http://lists.torproject.org/pipermail/tor-bugs/>
List-help: <mailto:tor-bugs-request@lists.torproject.org?subject=help>
List-id: "auto: Tor bug tracker status mails" <tor-bugs.lists.torproject.org>
List-post: <mailto:tor-bugs@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-bugs>, <mailto:tor-bugs-request@lists.torproject.org?subject=unsubscribe>
References: <043.65722a57ffe0b04c6a17f59fe5a073bf@torproject.org>
Reply-to: no-reply@xxxxxxxxxxxxxx, tor-assistants@xxxxxxxxxxxxxx
Sender: "tor-bugs" <tor-bugs-bounces@xxxxxxxxxxxxxxxxxxxx>

#31296: simplify OpenPGP signature verification instructions
------------------------------+--------------------------
 Reporter:  dkg               |          Owner:  ggus
     Type:  defect            |         Status:  reopened
 Priority:  Medium            |      Milestone:
Component:  Webpages/Support  |        Version:
 Severity:  Normal            |     Resolution:
 Keywords:                    |  Actual Points:
Parent ID:                    |         Points:
 Reviewer:                    |        Sponsor:
------------------------------+--------------------------
Changes (by monmire):

 * status:  closed => reopened
 * resolution:  fixed =>


Comment:

 Platform: Tor Browser 8.5.5 on macOS Mojave version 10.14.6

 Instructions in the current Support documentation for macOS users
 https://support.torproject.org/tbb/how-to-verify-signature/ causes
 attempts to verify the signature to fail.

 The examples below assume that the macOS user has downloaded the files to
 the "Downloads" folder.

 Terminal command

 `gpg --verify ~/Downloads/TorBrowser-8.5.5-osx64_en-US.dmg.asc
 /Downloads/TorBrowser-8.5.5-osx64_en-US.dmg`

 successfully verifies the signature by returning  Terminal message

 `gpg: Signature made Tue Sep  3 06:07:30 2019 PDT`
 `gpg:                                   using RSA key EB774491D9FF06E2`
 `gpg: Good signature from "Tor Browser Developers (signing key)
 <torbrowser@xxxxxxxxxxxxxx>" [ultimate]`

 In the preceding Terminal command, notice that the `TorBrowser-8.5.5
 -osx64_en-US.dmg.asc` file entry precedes the `TorBrowser-8.5.5-osx64_en-
 US.dmg` file entry.

 The current Support documentation instructs macOS users to enter Terminal
 command

 `gpgv --keyring ./tor.keyring ~/Downloads/TorBrowser-8.5.4-osx64_en-
 US.dmg{.asc,}`

 The preceding Terminal command returns   Terminal message

 `gpgv: keyblock resource './tor.keyring': No such file or directory`
 `gpgv: no valid OpenPGP data found.`
 `gpgv: the signature could not be verified.`
 `Please remember that the signature file (.sig or .asc)`
 `should be the first file given on the command line.`

 Apparently, macOS users must use Terminal command `gpg --verify`, and the
 `{.asc,}` file must appear before the `{.dmg,}` file in the Terminal
 command line before an attempt to verify the signature can be successful.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/31296#comment:10>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs

Prev by Author: Re: [tor-bugs] #27399 [Applications/Tor Browser]: Leading Orfox users to Tor Browser Android
Next by Author: Re: [tor-bugs] #31653 [Core Tor/Tor]: Padding cells sent with 0ms delay cause circuit failures
Previous by thread: Re: [tor-bugs] #30913 [Applications/Tor Browser]: Tor Browser for Android uses ugly fonts on websites
Next by thread: [tor-bugs] #31738 [- Select a component]: issue with tor 8.5.4
Index(es):
- Author
- Thread