[tor-talk] Problems? Verifying signatures in Tor 4.0.4

Simon Nicolussi sinic at sinic.name
Thu Feb 26 16:55:38 UTC 2015


andre76 at fastmail.fm wrote:
> $ gpg --verify tor-browser-linux32-4.0.4_en-US.tar.xz.asc                

Note that calling gpg --verify with a detached signature as its only
argument is insecure (later versions of GnuPG should emit a warning).
See my message to Gnupg-users and subsequent responses for details:
http://lists.gnupg.org/pipermail/gnupg-users/2014-November/051333.html

-- 
Simon Nicolussi <sinic at sinic.name>
http{s,}://{www.,}sinic.name/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20150226/4b913e9e/attachment.sig>


More information about the tor-talk mailing list