tor-webwml.git

Strukturansicht: e35dab486
Erinn Clark
add rpm verification instructions and fix paths
Erinn Clark commited e35dab486 at 2011-01-19 01:15:41
verifying-signatures.wml
Blame History Raw 
## translation metadata
# Revision: $Revision$
# Translation-Priority: 2-medium
#include "head.wmi" TITLE="Tor Project: Verifying Signatures" CHARSET="UTF-8"
<div id="content" class="clearfix">
  <div id="breadcrumbs">
    <a href="<page index>">Home &raquo; </a>
    <a href="<page docs/verifying-signatures>">Verifying Signatures</a>
  </div>
  <div id="maincol">
    <h1>How to verify signatures for packages</h1>
    <hr>
    <p>Each file on <a href="<page download/download>">our download page</a> is accompanied
    by a file with the same name as the package and the extension
    ".asc". These .asc files are GPG signatures. They allow you to verify
    the file you've downloaded is exactly the one that we intended you to
    get. For example, tor-browser-<version-torbrowserbundle>_en-US.exe is accompanied by
    tor-browser-<version-torbrowserbundle>_en-US.exe.asc.</p>
    <p>Of course, you'll need to have our GPG keys in your keyring: if you don't
    know the GPG key, you can't be sure that it was really us who signed it. The
    signing keys we use are:</p>
    <ul>
    <li>Roger's (0x28988BF5) typically signs the source code file.</li>
    <li>Nick's (0x165733EA, or its subkey 0x8D29319A).</li>
    <li>Andrew's (0x31B0974B) typically signed older packages for windows and mac.</li>
    <li>Peter's (0x94C09C7F, or its subkey 0xAFA44BDD).</li>
    <li>Matt's (0x5FA14861).</li>
    <li>Jacob's (0xE012B42D).</li>
    <li>Erinn's (0x63FEE659) and (0xF1F5C9B5) typically signs all windows, mac, and most linux packages.</li>
    <li>Mike's (0xDDC6C0AD) signs the Torbutton xpi.</li>
    <li>Karsten's (0xF7C11265) signs the metrics archives and tools.</li>
    </ul>
    <h3>Step Zero: Install GnuPG</h3>
    <hr>
    <p>You need to have GnuPG installed before you can verify
    signatures.</p>
    <ul>
    <li>Linux: see <a
    href="http://www.gnupg.org/download/">http://www.gnupg.org/download/</a>
    or install <i>gnupg</i> from the package management system.</li>
    <li>Windows: see <a
    href="http://www.gnupg.org/download/">http://www.gnupg.org/download/</a>. Look
    for the "version compiled for MS-Windows" under "Binaries".</li>
    <li>Mac: see <a
    href="http://macgpg.sourceforge.net/">http://macgpg.sourceforge.net/</a>.</li>
    </ul>
 
 
הההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההה
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX