[tor-bugs] #5147 [Tor bundles/installation]: wrong/no signatures on FC packages
Tor Bug Tracker & Wiki
torproject-admin at torproject.org
Tue Feb 28 12:43:37 UTC 2012
#5147: wrong/no signatures on FC packages
-----------------------------------------+----------------------------------
Reporter: qbi | Owner: erinn
Type: defect | Status: reopened
Priority: major | Milestone:
Component: Tor bundles/installation | Version: Tor: unspecified
Resolution: | Keywords:
Parent: | Points:
Actualpoints: |
-----------------------------------------+----------------------------------
Changes (by marlowe):
* cc: marlowe@… (added)
Comment:
The sucker steps forward. ;)
We don't need to post the .asc files. rpm performs the signature check
internally. The user imports the GPG key of the package signer into their
rpmdb. Through this mechanism, they can verify the rpm hasn't changed
since we signed it. The particular use case might be users who prefer to
install the rpm directly as opposed to through yum.
I think we can close the ticket.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/5147#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list