Matt Pagan

Matt Pagan commited on 2013-11-05 23:20:17
Zeige 1 geänderte Dateien mit 14 Einfügungen und 32 Löschungen.

... ...
@@ -48,43 +48,31 @@
48 48
 
49 49
     <h3>Where do I get the signatures and the keys that made them?</h3>
50 50
     <hr>
51
-
52
-    <p>Each file on <a href="<page download/download>">our download
51
+    <p>Each file on <a href="/web/20130929222100/https://www.torproject.org/download/download.html.en">our download
53 52
     page</a> is accompanied by a file with the same name as the
54 53
     package and the extension ".asc". These .asc files are GPG
55 54
     signatures. They allow you to verify the file you've downloaded
56 55
     is exactly the one that we intended you to get. For example,
57
-    tor-browser-<version-torbrowserbundle>_en-US.exe is accompanied by
58
-    tor-browser-<version-torbrowserbundle>_en-US.exe.asc. For a list
59
-    of which developer signs which package, see our <a href="<page
60
-    docs/signing-keys>">signing keys</a> page.</p>
61
-
62
-    <img alt="Download the bundle and the signature" src="../../images/download-tbb-sig.jpg" width="746" height="397">
63
-    
64
-    <br />
56
+    tor-browser-2.3.25-13_en-US.exe is accompanied by
57
+    tor-browser-2.3.25-13_en-US.exe.asc. For a list
58
+    of which developer signs which package, see our <a href="/web/20130929222100/https://www.torproject.org/docs/signing-keys.html.en">signing keys</a> page.</p>
65 59
     <h3>Windows</h3>
66 60
     <hr>
67
-
68 61
     <p>You need to have GnuPG installed before
69 62
     you can verify signatures. Download it from <a
70
-    href="http://gpg4win.org/download.html">http://gpg4win.org/download.html</a>.</p>
71
-
63
+    href="/web/20130929222100/http://gpg4win.org/download.html">http://gpg4win.org/download.html</a>.</p>
72 64
     <p>Once it's installed, use GnuPG to import the key that signed your
73 65
     package. Since GnuPG for Windows is a command-line tool, you will need
74
-    to use <i>cmd.exe</i>.<br></br>
75
-
76
-    <img alt="cmd.exe" src="../../images/cmd.jpg" width="405" height="512">    
77
-    
66
+    to use <i>cmd.exe</i>. Unless you edit your PATH environment variable,
67
+    you will need to tell Windows the full path to the GnuPG program. If
68
+    you installed GnuPG with the default values, the path should be
69
+    something like this: <i>C:\Program Files\Gnu\GnuPg\gpg.exe</i>.</p>
78 70
     <p>Erinn Clark signs the Tor Browser Bundles. Import her key
79
-    (0x63FEE659) by starting <i>cmd.exe</i> and typing:</p>
80
-
81
-    <pre>gpg --keyserver hkp://keys.gnupg.net --recv-keys 0x63FEE659</pre>
82
-
83
-    <p><strong>Note that Windows 8 users may need to type gpg2 rather than gpg.</strong> <br />After importing the key, you can verify that the fingerprint
71
+    (0x416F061063FEE659) by starting <i>cmd.exe</i> and typing:</p>
72
+    <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --keyserver x-hkp://pool.sks-keyservers.net --recv-keys 0x416F061063FEE659</pre>
73
+    <p>After importing the key, you can verify that the fingerprint
84 74
     is correct:</p>
85
-
86
-    <pre>gpg --fingerprint 0x63FEE659</pre>
87
-
75
+    <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --fingerprint 0x416F061063FEE659</pre>
88 76
     <p>You should see:</p>
89 77
     <pre>
90 78
     pub   2048R/63FEE659 2003-10-16
... ...
@@ -98,12 +85,8 @@
98 85
     <p>To verify the signature of the package you downloaded, you will need
99 86
     to download the ".asc" file as well. Assuming you downloaded the
100 87
     package and its signature to your Desktop, run:</p>
101
-    
102
-    <pre>cd Desktop</pre>
103
-    <pre>gpg --verify tor-browser-&lt VERSION NUMBER &gt_en-US.exe.asc tor-browser-&lt VERSION NUMBER &gt_en-US.exe</pre>
104
-
88
+    <pre>"C:\Program Files\Gnu\GnuPg\gpg.exe" --verify C:\Users\Alice\Desktop\tor-browser-2.3.25-13_en-US.exe.asc C:\Users\Alice\Desktop\tor-browser-2.3.25-13_en-US.exe</pre>
105 89
     <p>The output should say "Good signature": </p>
106
-
107 90
     <pre>
108 91
     gpg: Signature made Wed 31 Aug 2011 06:37:01 PM EDT using RSA key ID 63FEE659
109 92
     gpg: Good signature from "Erinn Clark &lt;erinn@torproject.org&gt;"
... ...
@@ -121,8 +103,6 @@
121 103
     to the developer. The best method is to meet the developer in person and
122 104
     exchange key fingerprints.
123 105
     </p>
124
-    <img alt="Verify the signature" src="../../images/verify-bundle.png" width="769" height="454">
125
-    <br />
126 106
     <h3>Mac OS X</h3>
127 107
     <hr>
128 108
 
129 109