[tbb-dev] New Signing PGP Subkey
Roger Dingledine
arma at torproject.org
Tue Dec 14 08:32:33 UTC 2021
On Tue, Dec 14, 2021 at 02:15:27AM +0000, Matthew Finkel wrote:
> Please be aware that a new PGP subkey will be used for signing Tor
> Browser packages beginning with Tor Browser 11.5a1.
>
> Please refresh your keychain from keys.openpgp.org, as needed.
Thanks Matt.
What's the story with the torbrowserlauncher package these days? Should
we expect another round of users reporting that they're being
man-in-the-middled, because torbrowserlauncher is surprised by this new
key and logs scary error messages? If yes, now that we see it coming,
is there anything we can do to smooth its arrival, like pushing an update
to that package?
I am cc'ing Micah in case he knows the answer by now too. :)
--Roger
More information about the tbb-dev
mailing list