(2f541cb2d) - tor-webwml.git · git.schokokeks.org

@@ -59,6 +59,9 @@
     of which developer signs which package, see our <a href="<page
     docs/signing-keys>">signing keys</a> page.</p>
 
+    <img alt="Download the bundle and the signature" src="../../images/download-tbb-sig.jpg" width="746" height="397">
+    
+    <br />
     <h3>Windows</h3>
     <hr>
 
@@ -68,24 +71,19 @@
 
     <p>Once it's installed, use GnuPG to import the key that signed your
     package. Since GnuPG for Windows is a command-line tool, you will need
-    to use <i>cmd.exe</i>. Unless you edit your PATH environment variable,
-    you will need to tell Windows the full path to the GnuPG program. If
-    you installed GnuPG with the default values, the path should be
-    something like this: <i>C:\Program Files\Gnu\GnuPg\gpg.exe</i>.</p>
+    to use <i>cmd.exe</i>.<br></br>
 
-    <p><strong>Note for Windows 8 Users:</strong> Your GnuPG binary is probably
-    located at <i>C:\Program Files (x86)\Gnu\GnuPg\gpg2.exe</i>. You should replace
-    all of the commands below with this path instead.</p>
+    <img alt="cmd.exe" src="../../images/cmd.jpg" width="405" height="512">    
     
     <p>Erinn Clark signs the Tor Browser Bundles. Import her key
-    (0x416F061063FEE659) by starting <i>cmd.exe</i> and typing:</p>
+    (0x63FEE659) by starting <i>cmd.exe</i> and typing:</p>
 
-    <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x416F061063FEE659</pre>
+    <pre>gpg --keyserver hkp://keys.gnupg.net --recv-keys 0x63FEE659</pre>
 
-    <p>After importing the key, you can verify that the fingerprint
+    <p><strong>Note that Windows 8 users may need to type gpg2 rather than gpg.</strong> <br />After importing the key, you can verify that the fingerprint
     is correct:</p>
 
-    <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --fingerprint 0x416F061063FEE659</pre>
+    <pre>gpg --fingerprint 0x63FEE659</pre>
 
     <p>You should see:</p>
     <pre>
@@ -101,7 +99,8 @@
     to download the ".asc" file as well. Assuming you downloaded the
     package and its signature to your Desktop, run:</p>
     
-    <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --verify C:\Users\Alice\Desktop\tor-browser-<version-torbrowserbundle>_en-US.exe.asc C:\Users\Alice\Desktop\tor-browser-<version-torbrowserbundle>_en-US.exe</pre>
+    <pre>cd Desktop</pre>
+    <pre>gpg --verify tor-browser-&lt VERSION NUMBER &gt_en-US.exe.asc tor-browser-&lt VERSION NUMBER &gt_en-US.exe</pre>
 
     <p>The output should say "Good signature": </p>
 
@@ -122,7 +121,8 @@
     to the developer. The best method is to meet the developer in person and
     exchange key fingerprints.
     </p>
-
+    <img alt="Verify the signature" src="../../images/verify-bundle.png" width="769" height="454">
+    <br />
     <h3>Mac OS X</h3>
     <hr>
 


...	...	@@ -59,6 +59,9 @@
59	59	of which developer signs which package, see our <a href="<page
60	60	docs/signing-keys>">signing keys</a> page.</p>
61	61
	62	+ <img alt="Download the bundle and the signature" src="../../images/download-tbb-sig.jpg" width="746" height="397">
	63	+
	64	+ <br />
62	65	<h3>Windows</h3>
63	66	<hr>
64	67
...	...	@@ -68,24 +71,19 @@
68	71
69	72	<p>Once it's installed, use GnuPG to import the key that signed your
70	73	package. Since GnuPG for Windows is a command-line tool, you will need
71		- to use <i>cmd.exe</i>. Unless you edit your PATH environment variable,
72		- you will need to tell Windows the full path to the GnuPG program. If
73		- you installed GnuPG with the default values, the path should be
74		- something like this: <i>C:\Program Files\Gnu\GnuPg\gpg.exe</i>.</p>
	74	+ to use <i>cmd.exe</i>.<br></br>
75	75
76		- <p><strong>Note for Windows 8 Users:</strong> Your GnuPG binary is probably
77		- located at <i>C:\Program Files (x86)\Gnu\GnuPg\gpg2.exe</i>. You should replace
78		- all of the commands below with this path instead.</p>
	76	+ <img alt="cmd.exe" src="../../images/cmd.jpg" width="405" height="512">
79	77
80	78	<p>Erinn Clark signs the Tor Browser Bundles. Import her key
81		- (0x416F061063FEE659) by starting <i>cmd.exe</i> and typing:</p>
	79	+ (0x63FEE659) by starting <i>cmd.exe</i> and typing:</p>
82	80
83		- <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x416F061063FEE659</pre>
	81	+ <pre>gpg --keyserver hkp://keys.gnupg.net --recv-keys 0x63FEE659</pre>
84	82
85		- <p>After importing the key, you can verify that the fingerprint
	83	+ <p><strong>Note that Windows 8 users may need to type gpg2 rather than gpg.</strong> <br />After importing the key, you can verify that the fingerprint
86	84	is correct:</p>
87	85
88		- <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --fingerprint 0x416F061063FEE659</pre>
	86	+ <pre>gpg --fingerprint 0x63FEE659</pre>
89	87
90	88	<p>You should see:</p>
91	89	<pre>
...	...	@@ -101,7 +99,8 @@
101	99	to download the ".asc" file as well. Assuming you downloaded the
102	100	package and its signature to your Desktop, run:</p>
103	101
104		- <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --verify C:\Users\Alice\Desktop\tor-browser-<version-torbrowserbundle>_en-US.exe.asc C:\Users\Alice\Desktop\tor-browser-<version-torbrowserbundle>_en-US.exe</pre>
	102	+ <pre>cd Desktop</pre>
	103	+ <pre>gpg --verify tor-browser-&lt VERSION NUMBER &gt_en-US.exe.asc tor-browser-&lt VERSION NUMBER &gt_en-US.exe</pre>
105	104
106	105	<p>The output should say "Good signature": </p>
107	106
...	...	@@ -122,7 +121,8 @@
122	121	to the developer. The best method is to meet the developer in person and
123	122	exchange key fingerprints.
124	123	</p>
125		-
	124	+ <img alt="Verify the signature" src="../../images/verify-bundle.png" width="769" height="454">
	125	+ <br />
126	126	<h3>Mac OS X</h3>
127	127	<hr>
128	128
129	129