[webwml/master] Bug 15253: Add Tor Browser subkey fingerprints - tor-commits

31 Mar 2015

commit 1acf560c17e15f6144c57d1e75e9567e7a4e03ff
Author: Georg Koppen gk@torproject.org
Date:   Fri Mar 27 14:04:54 2015 +0000
Bug 15253: Add Tor Browser subkey fingerprints
---
 docs/en/verifying-signatures.wml |   20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

diff --git a/docs/en/verifying-signatures.wml b/docs/en/verifying-signatures.wml
index ef916b4..89522d4 100644
--- a/docs/en/verifying-signatures.wml
+++ b/docs/en/verifying-signatures.wml
@@ -92,8 +92,12 @@
     gpg: Good signature from "Tor Browser Developers (signing key) torbrowser@torproject.org"
     gpg: WARNING: This key is not certified with a trusted signature!
     gpg:          There is no indication that the signature belongs to the owner.
-    Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290
-    </pre>
+    Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290</pre>
+    <p>Currently valid subkey fingerprints are:
+    <pre>
+    5242 013F 02AF C851 B1C7  36B8 7017 ADCE F65C 2036
+    BA1E E421 BBB4 5263 180E  1FC7 2E1A C68E D408 14E0
+    05FA 4425 3F6C 19A8 B7F5  18D4 2D00 0988 5898 39A3</pre></p>
     <p>
     Notice that there is a warning because you haven't assigned a trust
     index to this person. This means that GnuPG verified that the key made
@@ -143,16 +147,18 @@
     <strong>For Linux users</strong> (change 32 to 64 if you have the 64-bit package):<br />
     <pre>gpg --verify ~/Desktop/tor-browser-linux32-<version-torbrowserbundlelinux32>_en-US.tar.xz{.asc*,}</pre>
-    <p>The output should say "Good signature": </p>
+    <p>The output should say "Good signature":</p>
<pre>
     gpg: Signature made Tue 24 Jan 2015 09:29:09 AM CET using RSA key ID D40814E0
     gpg: Good signature from "Tor Browser Developers (signing key) torbrowser@torproject.org"
     gpg: WARNING: This key is not certified with a trusted signature!
     gpg:          There is no indication that the signature belongs to the owner.
-    Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290
-    </pre>
-
+    Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7  DE68 4E2C 6E87 9329 8290</pre> <p> Currently valid subkey fingerprints are:
+    <pre>
+    5242 013F 02AF C851 B1C7  36B8 7017 ADCE F65C 2036
+    BA1E E421 BBB4 5263 180E  1FC7 2E1A C68E D408 14E0
+    05FA 4425 3F6C 19A8 B7F5  18D4 2D00 0988 5898 39A3</pre></p>
     <p>
     Notice that there is a warning because you haven't assigned a trust
     index to this person. This means that GnuPG verified that the key made
@@ -160,7 +166,7 @@
     to the developer. The best method is to meet the developer in person and
     exchange key fingerprints.
     </p>
-    
+
     <p>
     If you're a Linux user and you're using the <b>Debian</b> Tor (not Tor
     Browser) packages, you should read the instructions on <a

    