Verified Commit 7b20f3bf authored by Georg Koppen's avatar Georg Koppen
Browse files

Merge remote-tracking branch 'origin/update-signature'

Closes: #40012
parents d6faca47 d6316232
Pipeline #36245 passed with stage
in 2 minutes and 53 seconds
......@@ -43,8 +43,8 @@ verification process by example.
Download the release tarball and the separate signature file:
(Note that earlier tarballs were named descriptor-VERSION.tar.gz and could
......@@ -53,7 +53,7 @@ be found in
Attempt to verify the signature on the tarball:
gpg --verify metrics-lib-2.0.0.tar.gz.asc
gpg --verify metrics-lib-<version>.tar.gz.asc
If the signature cannot be verified due to the public key of the signer
......@@ -61,10 +61,14 @@ not being locally available, download that public key from one of the key
servers and retry:
gpg --keyserver --recv-key 0x4EFD4FDC3F46D41E
gpg --verify metrics-lib-2.0.0.tar.gz.asc
gpg --keyserver --recv-key 0x2B4075479596D580
gpg --verify metrics-lib-<version>.tar.gz.asc
Alternatively you can also download the key from Tor Project's DB:
If the signature still cannot be verified, something is wrong!
But note that even if it can be verified, you now only know that the
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment