Opened 3 months ago

Last modified 8 weeks ago

#31294 new task

Sign Tor Browser releases with an OpenPGP tool that includes Issuer Fingerprint subpackets

Reported by: boklm Owned by: tbb-team
Priority: Medium Milestone:
Component: Applications/Tor Browser Version:
Severity: Normal Keywords:
Cc: dkg Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

#31292 has details about the issue. This ticket is for the Tor Browser signatures, while #31292 is for the Tor source tarballs signatures.

Child Tickets

Change History (2)

comment:1 Changed 3 months ago by gk

Hrm, seems we need a newer GnuPG version on our signing machine... :(

comment:2 Changed 8 weeks ago by dkg

I don't know what your signing machine is running, but over in #31292, nickm suggests that on some older version of fedora, gpg is just the 1.4 series, while gpg2 is the more modern version. Perhaps you just need to invoke it as gpg2?

Note: See TracTickets for help on using tickets.