commit b5a2ec64a830e9011f91dc1c33b755cb0e8f682f Author: Georg Koppen gk@torproject.org Date: Thu Apr 30 08:09:52 2015 +0000

Add delcert.exe as signature removal tool --- docs/en/verifying-signatures.wml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/docs/en/verifying-signatures.wml b/docs/en/verifying-signatures.wml index f05b60e..64fc5e3 100644 --- a/docs/en/verifying-signatures.wml +++ b/docs/en/verifying-signatures.wml @@ -218,10 +218,10 @@ <li>You should see a message like "Good signature from &lt;DEVELOPER NAME&gt;". If you don't, there is a problem. Try these steps again.</li> <li>If you want to verify a Windows Tor Browser package you need to first - strip off the authenticode signature of it. One tool that can be used for - this purpose is <a - href="http:/osslsigncode.sourceforge.net">osslsigncode</a>. Assuming you - have built it on a Linux computer you can enter + strip off the authenticode signature of it. Tools that can be used for + this purpose are <a href="http://osslsigncode.sourceforge.net">osslsigncode</a> and + <a href="http://forum.xda-developers.com/showthread.php?t=416175">delcert.exe</a>. + Assuming you have built e.g. <tt>osslsigncode</tt> on a Linux computer you can enter <pre>/path/to/your/osslsigncode remove-signature &#92; /path/to/your/&lt;TOR BROWSER FILE NAME&gt;.exe &lt;TOR BROWSER FILE NAME&gt;.exe</pre></li> <li>Now you can take the sha256sum of the Tor Browser package. On