Opened 6 years ago

Closed 6 years ago

#10453 closed defect (fixed)

Mikeperry's TBB3.5 GPG signature is bad

Reported by: cypherpunks Owned by: phobos
Priority: High Milestone:
Component: Applications/Tor bundles/installation Version:
Severity: Keywords:
Cc: mikeperry Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Child Tickets

Change History (7)

comment:1 Changed 6 years ago by karsten

Cc: mikeperry added

Confirmed, signature is bad.

$ gpg sha256sums.txt-mikeperry.asc 
Detached signature.
Please enter name of data file: sha256sums.txt
gpg: Signature made Tue Dec 17 09:52:34 2013 CET using RSA key ID 0E3A92E4
gpg: BAD signature from "Mike Perry (Regular use key) <>"

comment:2 Changed 6 years ago by arma

Component: - Select a componentTor bundles/installation
Owner: set to erinn
Priority: normalmajor
Summary: Bad GPG signatureMikeperry's TBB3.5 GPG signature is bad

comment:3 Changed 6 years ago by isis

That signature was apparently made on a binary file, not a text file. The signature type octet is 0x00, when for a text file it should be 0x01.

comment:4 Changed 6 years ago by mikeperry

Ugh. I tried to fix this before the release and it looks like I failed. should have the correct signature.

It also looks like we still need to remove the old linus-sha256sums.txt.asc and mikeperry-sha256sums.txt.asc from, especially since the latter will remain a bad sig otherwise.

comment:5 Changed 6 years ago by erinn

Owner: changed from erinn to phobos
Status: newassigned

I've fixed the sig issue, but the files on archive are owned by phobos so I can't remove them.

phobos, can you: rm /srv/{linus,mikeperry}-sha256sums.txt.asc ?

comment:6 Changed 6 years ago by phobos


comment:7 Changed 6 years ago by phobos

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.