Commit 822e8af3 authored by Tails developers's avatar Tails developers
Browse files

doc: Add comment on key trust while checking signatures.

parent 4aca8893
......@@ -240,7 +240,7 @@ gpg: unchanged: 2
<pre>
cd [the ISO image directory]
gpg --verify tails-i386-0.7.1.iso.pgp tails-i386-0.7.1.iso
gpg --verify tails-i386-0.7.2.iso.pgp tails-i386-0.7.2.iso
</pre>
<p><strong>If the ISO image is correct</strong> the output will tell you
......@@ -252,6 +252,21 @@ gpg: using RSA key 1202821CBE2CD9C1
gpg: Good signature from "Tails developers (signing key) &lt;tails@boum.org&gt;"
</pre>
<p>This might be followed by a warning saying:</p>
<pre>
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 0D24 B36A A9A2 A651 7878 7645 1202 821C BE2C D9C1
</pre>
<p>This doesn't alter the validity of the signature according to the key
you downloaded. This warning rather has to do with the trust that you
put in Tails signing key. See, [[Trusting Tails signing
key|doc/trusting_tails_signing_key]]. To remove this warning you would
have to personnally <span class="definition">[[!wikipedia Keysigning
desc="sign"]]</span> Tails signing key with your own key.</p>
<p><strong>If the ISO image is not correct</strong> the output will tell
you that the signature is bad:</p>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment