Georg Koppen commited on 2015-02-24 13:50:53
Zeige 1 geänderte Dateien mit 26 Einfügungen und 30 Löschungen.
... | ... |
@@ -53,8 +53,8 @@ |
53 | 53 |
package and the extension ".asc". These .asc files are GPG |
54 | 54 |
signatures. They allow you to verify the file you've downloaded |
55 | 55 |
is exactly the one that we intended you to get. For example, |
56 |
- tor-browser-2.3.25-13_en-US.exe is accompanied by |
|
57 |
- tor-browser-2.3.25-13_en-US.exe.asc. For a list |
|
56 |
+ torbrowser-install-<version-torbrowserbundle>_en-US.exe is accompanied by |
|
57 |
+ torbrowser-install-<version-torbrowserbundle>_en-US.exe.asc. For a list |
|
58 | 58 |
of which developer signs which package, see our <a href="<page docs/signing-keys>">signing keys</a> page.</p> |
59 | 59 |
<h3>Windows</h3> |
60 | 60 |
<hr> |
... | ... |
@@ -67,20 +67,20 @@ |
67 | 67 |
you will need to tell Windows the full path to the GnuPG program. If |
68 | 68 |
you installed GnuPG with the default values, the path should be |
69 | 69 |
something like this: <i>C:\Program Files\Gnu\GnuPg\gpg.exe</i>.</p> |
70 |
- <p>Erinn Clark signs the Tor Browsers. Import her key |
|
71 |
- (0x416F061063FEE659) by starting <i>cmd.exe</i> and typing:</p> |
|
72 |
- <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x416F061063FEE659</pre> |
|
70 |
+ <p>The Tor Browser team signs the Tor Browsers. Import its key |
|
71 |
+ (0x4E2C6E8793298290) by starting <i>cmd.exe</i> and typing:</p> |
|
72 |
+ <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290</pre> |
|
73 | 73 |
<p>After importing the key, you can verify that the fingerprint |
74 | 74 |
is correct:</p> |
75 |
- <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --fingerprint 0x416F061063FEE659</pre> |
|
75 |
+ <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --fingerprint 0x4E2C6E8793298290</pre> |
|
76 | 76 |
<p>You should see:</p> |
77 | 77 |
<pre> |
78 |
- pub 2048R/63FEE659 2003-10-16 |
|
79 |
- Key fingerprint = 8738 A680 B84B 3031 A630 F2DB 416F 0610 63FE E659 |
|
80 |
- uid Erinn Clark <erinn@torproject.org> |
|
81 |
- uid Erinn Clark <erinn@debian.org> |
|
82 |
- uid Erinn Clark <erinn@double-helix.org> |
|
83 |
- sub 2048R/EB399FD7 2003-10-16 |
|
78 |
+ pub 4096R/93298290 2014-12-15 |
|
79 |
+ Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 |
|
80 |
+ uid Tor Browser Developers (signing key) <torbrowser@torproject.org> |
|
81 |
+ sub 4096R/F65C2036 2014-12-15 |
|
82 |
+ sub 4096R/D40814E0 2014-12-15 |
|
83 |
+ sub 4096R/589839A3 2014-12-15 |
|
84 | 84 |
</pre> |
85 | 85 |
<p>To verify the signature of the package you downloaded, you will need |
86 | 86 |
to download the ".asc" file as well. Assuming you downloaded the |
... | ... |
@@ -88,13 +88,11 @@ |
88 | 88 |
<pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --verify C:\Users\Alice\Desktop\torbrowser-install-<version-torbrowserbundle>_en-US.exe.asc C:\Users\Alice\Desktop\torbrowser-install-<version-torbrowserbundle>_en-US.exe</pre> |
89 | 89 |
<p>The output should say "Good signature": </p> |
90 | 90 |
<pre> |
91 |
- gpg: Signature made Wed 31 Aug 2011 06:37:01 PM EDT using RSA key ID 63FEE659 |
|
92 |
- gpg: Good signature from "Erinn Clark <erinn@torproject.org>" |
|
93 |
- gpg: aka "Erinn Clark <erinn@debian.org>" |
|
94 |
- gpg: aka "Erinn Clark <erinn@double-helix.org>" |
|
91 |
+ gpg: Signature made Tue 24 Jan 2015 09:29:09 AM CET using RSA key ID D40814E0 |
|
92 |
+ gpg: Good signature from "Tor Browser Developers (signing key) <torbrowser@torproject.org>" |
|
95 | 93 |
gpg: WARNING: This key is not certified with a trusted signature! |
96 | 94 |
gpg: There is no indication that the signature belongs to the owner. |
97 |
- Primary key fingerprint: 8738 A680 B84B 3031 A630 F2DB 416F 0610 63FE E659 |
|
95 |
+ Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 |
|
98 | 96 |
</pre> |
99 | 97 |
<p> |
100 | 98 |
Notice that there is a warning because you haven't assigned a trust |
... | ... |
@@ -118,21 +116,21 @@ |
118 | 116 |
key (0x416F061063FEE659) by starting the terminal (under "Applications" |
119 | 117 |
in Mac OS X) and typing:</p> |
120 | 118 |
|
121 |
- <pre>gpg --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x416F061063FEE659</pre> |
|
119 |
+ <pre>gpg --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x4E2C6E8793298290</pre> |
|
122 | 120 |
|
123 | 121 |
<p>After importing the key, you can verify that the fingerprint |
124 | 122 |
is correct:</p> |
125 | 123 |
|
126 |
- <pre>gpg --fingerprint 0x416F061063FEE659</pre> |
|
124 |
+ <pre>gpg --fingerprint 0x4E2C6E8793298290</pre> |
|
127 | 125 |
|
128 | 126 |
<p>You should see:</p> |
129 | 127 |
<pre> |
130 |
- pub 2048R/63FEE659 2003-10-16 |
|
131 |
- Key fingerprint = 8738 A680 B84B 3031 A630 F2DB 416F 0610 63FE E659 |
|
132 |
- uid Erinn Clark <erinn@torproject.org> |
|
133 |
- uid Erinn Clark <erinn@debian.org> |
|
134 |
- uid Erinn Clark <erinn@double-helix.org> |
|
135 |
- sub 2048R/EB399FD7 2003-10-16 |
|
128 |
+ pub 4096R/93298290 2014-12-15 |
|
129 |
+ Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 |
|
130 |
+ uid Tor Browser Developers (signing key) <torbrowser@torproject.org> |
|
131 |
+ sub 4096R/F65C2036 2014-12-15 |
|
132 |
+ sub 4096R/D40814E0 2014-12-15 |
|
133 |
+ sub 4096R/589839A3 2014-12-15 |
|
136 | 134 |
</pre> |
137 | 135 |
|
138 | 136 |
<p>To verify the signature of the package you downloaded, you will need |
... | ... |
@@ -148,13 +146,11 @@ |
148 | 146 |
<p>The output should say "Good signature": </p> |
149 | 147 |
|
150 | 148 |
<pre> |
151 |
- gpg: Signature made Wed 31 Aug 2011 06:37:01 PM EDT using RSA key ID 63FEE659 |
|
152 |
- gpg: Good signature from "Erinn Clark <erinn@torproject.org>" |
|
153 |
- gpg: aka "Erinn Clark <erinn@debian.org>" |
|
154 |
- gpg: aka "Erinn Clark <erinn@double-helix.org>" |
|
149 |
+ gpg: Signature made Tue 24 Jan 2015 09:29:09 AM CET using RSA key ID D40814E0 |
|
150 |
+ gpg: Good signature from "Tor Browser Developers (signing key) <torbrowser@torproject.org>" |
|
155 | 151 |
gpg: WARNING: This key is not certified with a trusted signature! |
156 | 152 |
gpg: There is no indication that the signature belongs to the owner. |
157 |
- Primary key fingerprint: 8738 A680 B84B 3031 A630 F2DB 416F 0610 63FE E659 |
|
153 |
+ Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 |
|
158 | 154 |
</pre> |
159 | 155 |
|
160 | 156 |
<p> |
161 | 157 |