intrigeri: > [email protected] wrote (08 Apr 2014 13:21:25 GMT) : >> The user might, either before, either after using the Installer, do >> stronger verification on the signing key in her own keyring. For example >> you might have a personal trust path or a local signature in your >> personal keyring. > >> Maybe an alternative would be to combine both without modifying the >> user's keyring: >> 1. Verify first with the signing key from the package >> 2. Also try to verify the ISO using the user's keyring >> 3. Compare both results and warn the user if they differ > > OK. At this point, maybe it would be worth creating a ticket.
Done: https://labs.riseup.net/code/issues/7046 -- sajolida
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
