Commit d3e896bc authored by amnesia's avatar amnesia
Browse files

updated PO files

parent a5cc58ea
# SOME DESCRIPTIVE TITLE
# Copyright (C) YEAR Free Software Foundation, Inc.
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-06-17 06:32-0600\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#. type: Plain text
#, no-wrap
msgid "[[!meta title=\"Trusting Tails signing key\"]]\n"
msgstr ""
#. type: Plain text
msgid ""
"We will present you three techniques from the easiest to the safest. Again, "
"none of them is a perfect and magic solution. Feel free to explore them "
"according to your possibilities and technical skills."
msgstr ""
#. type: Plain text
msgid ""
"Note that since all Tails releases are signed with the same key, you will "
"not have to verify the key every time and the trust you might progressively "
"build in it will be built once and for all. Still, you will have to check "
"the ISO image every time you download a new one!"
msgstr ""
#. type: Title #
#, no-wrap
msgid "Correlates several downloads of Tails signing key"
msgstr ""
#. type: Plain text
msgid ""
"A simple technique to increase the trust you can put in Tails signing key "
"would be to download it several times, from several locations, several "
"computers, possibly several countries, etc."
msgstr ""
#. type: Plain text
msgid ""
"For example you could save them every time with a different name in the same "
"directory on a USB stick. Then run the following command from a terminal to "
"check whether all the keys are identical:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" cd [your download directory]\n"
" sha256sum tails-signing*.key\n"
msgstr ""
#. type: Plain text
msgid "This command would output something like this:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" f11c8e27f86e173bc14be342d7d97042d5e4ee6fa0ddfd55b2ec3fabe4e55e43 "
"tails-signing-desktop.key\n"
" f11c8e27f86e173bc14be342d7d97042d5e4ee6fa0ddfd55b2ec3fabe4e55e43 "
"tails-signing-laptop.key\n"
" f11c8e27f86e173bc14be342d7d97042d5e4ee6fa0ddfd55b2ec3fabe4e55e43 "
"tails-signing-library.key\n"
" f11c8e27f86e173bc14be342d7d97042d5e4ee6fa0ddfd55b2ec3fabe4e55e43 "
"tails-signing-seattle.key\n"
msgstr ""
#. type: Plain text
msgid ""
"You would then need to visually check that all the checksums of the first "
"column are the same, meaning that the keys are identical."
msgstr ""
#. type: Plain text
msgid ""
"You could also use this technique to compare keys downloaded by your friends "
"or other people you trust."
msgstr ""
#. type: Title #
#, no-wrap
msgid "Using the OpenPGP Web of Trust"
msgstr ""
#. type: Plain text
msgid ""
"If you want to be extra cautious and really authenticate Tails signing key "
"in a stronger way than what standard HTTPS offers you, you will need to use "
"the OpenPGP Web of Trust."
msgstr ""
#. type: Plain text
msgid ""
"One of the inherent problems of standard HTTPS is that the trust we usually "
"put on a website is defined by certificate authorities: a hierarchical and "
"closed set of companies and governmental institutions approved by web "
"browser vendors. This model of trust has long been criticized and proved "
"several times to be vulnerable to attacks [[as explained on our warning "
"page|doc/warning#index3h1]]."
msgstr ""
#. type: Plain text
msgid ""
"We believe instead that users should be given the final say when trusting a "
"website, and that designation of trust should be done on the basis of human "
"interaction."
msgstr ""
#. type: Plain text
msgid ""
"The OpenPGP [[!wikipedia Web_of_Trust desc=\"Web of Trust\"]] is a "
"decentralized trust model based on OpenPGP keys. Let's see that with an "
"example."
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"*You're a friend of Alice and really trust her way of managing OpenPGP "
"keys.\n"
"You're trusting Alice's key.*\n"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"*Furthermore, Alice met Bob, a Tails developer, in a conference, and "
"signed\n"
"Bob's key. Alice is trusting Bob's key.*\n"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"*Bob is a Tails developer who directly owns the Tails signing key. Bob "
"fully\n"
"trusts Tails signing key.*\n"
msgstr ""
#. type: Plain text
msgid ""
"This scenario creates a trust path from you to Tails signing key that could "
"allow you to trust it without having to depend on certificate authorities."
msgstr ""
#. type: Plain text
msgid ""
"This trust model is not perfect either and requires both caution and "
"intelligent supervision by users. The technical details of creating, "
"managing and trusting OpenPGP keys is outside of the scope of this document."
msgstr ""
#. type: Plain text
msgid ""
"We also acknowledge that not everybody might be able to create good trust "
"path to Tails signing key since it based on a network of direct human "
"relationships and the knowledge of quite complex tools such as OpenPGP."
msgstr ""
#. type: Title #
#, no-wrap
msgid "Check Tails signing key against the Debian keyring"
msgstr ""
#. type: Plain text
msgid ""
"Following the previous scenario, when Alice met Bob, a Tails developer, she "
"could make a new signature on Tails signing key with her own key to certify "
"this trust relationship and make it public. Tails signing key would now come "
"along with a signature made by Alice."
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"Tails signing key is actually already signed by the keys of several "
"official\n"
"developers of Debian, the operating system on which Tails is based. Debian "
"makes\n"
"an extensive use of OpenPGP and you can download the keys of all Debian\n"
"developers by installing the <code>debian-keyring</code> package. You can "
"then\n"
"verify the signatures those developers made with their own key on Tails "
"signing\n"
"key.\n"
msgstr ""
#. type: Plain text
msgid "To download the Debian keyring you can do:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid " sudo apt-get install debian-keyring\n"
msgstr ""
#. type: Plain text
msgid ""
"To get a list of the signatures made by other people on Tails signing key "
"you can do:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid " gpg --keyid-format long --list-sigs 1202821CBE2CD9C1\n"
msgstr ""
#. type: Plain text
msgid "You will get something like this:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" pub 4096R/1202821CBE2CD9C1 2010-10-07 [expires: 2012-10-06]\n"
" uid Tails developers (signing key) "
"<tails@boum.org>\n"
" sig 3 1202821CBE2CD9C1 2011-04-16 Tails developers (signing key) "
"<tails@boum.org>\n"
" sig BACE15D2A57498FF 2011-04-16 [User ID not found]\n"
" sig CCD2ED94D21739E9 2011-06-12 [User ID not found]\n"
" uid T(A)ILS developers (signing key) "
"<amnesia@boum.org>\n"
" sig 3 1202821CBE2CD9C1 2010-10-07 Tails developers (signing key) "
"<tails@boum.org>\n"
" sig BACE15D2A57498FF 2010-10-07 [User ID not found]\n"
" sig 8CBF9A322861A790 2010-12-24 [User ID not found]\n"
" sig 7EF27D76B2177E1F 2010-12-27 [User ID not found]\n"
" sig CCD2ED94D21739E9 2010-12-29 [User ID not found]\n"
" sig AC0EC35285821C42 2011-03-22 [User ID not found]\n"
" sig C2DEE7F336042734 2010-10-24 [User ID not found]\n"
msgstr ""
#. type: Plain text
msgid ""
"The lines ending with '[User ID not found]' are signatures made by keys you "
"still don't have in your keyring. You could try to search for them in the "
"Debian keyring by their key ID: the 16 digit code between the 'sig' tag and "
"the date. You could for example do:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" gpg --keyid-format long --keyring=/usr/share/keyrings/debian-keyring.gpg "
"--list-key CCD2ED94D21739E9\n"
msgstr ""
#. type: Plain text
msgid ""
"If this signature corresponds to a key in the Debian keyring you will get "
"something like this:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" pub 4096R/CCD2ED94D21739E9 2007-06-02 [expires: 2012-05-31]\n"
" uid Daniel Kahn Gillmor "
"<dkg@fifthhorseman.net>\n"
" uid Daniel Kahn Gillmor <dkg@openflows.com>\n"
" uid [jpeg image of size 3515]\n"
" uid Daniel Kahn Gillmor <dkg@debian.org>\n"
" sub 4096R/C61BD3EC21484CFF 2007-06-02 [expires: 2012-05-31]\n"
" sub 2048R/125868EA4BFA08E4 2008-06-19 [expires: 2011-05-31]\n"
msgstr ""
#. type: Plain text
msgid "You can then import it in your own keyring by doing:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" gpg --keyring=/usr/share/keyrings/debian-keyring.gpg --export "
"CCD2ED94D21739E9 | gpg --import\n"
msgstr ""
#. type: Plain text
msgid ""
"Now you can try to verify the signature made by this new key on Tails "
"signing key by doing:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid " gpg --keyid-format long --check-sigs 1202821CBE2CD9C1\n"
msgstr ""
#. type: Plain text
msgid ""
"On the output, The status of the verification is indicated by a flag "
"directly following the \"sig\" tag. A \"!\" indicates that the signature has "
"been successfully verified, a \"-\" denotes a bad signature and a \"%\" is "
"used if an error occurred while checking the signature (e.g. a non supported "
"algorithm). For example, in the following output the signature of Daniel "
"Kahn Gillmor on Tails signing key has been successfully verified:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" pub 4096R/1202821CBE2CD9C1 2010-10-07 [expires: 2012-10-06]\n"
" uid Tails developers (signing key) "
"<tails@boum.org>\n"
" sig!3 1202821CBE2CD9C1 2011-04-16 Tails developers (signing key) "
"<tails@boum.org>\n"
" sig! CCD2ED94D21739E9 2011-06-12 Daniel Kahn Gillmor "
"<dkg@fifthhorseman.net>\n"
" uid T(A)ILS developers (signing key) "
"<amnesia@boum.org>\n"
" sig!3 1202821CBE2CD9C1 2010-10-07 Tails developers (signing key) "
"<tails@boum.org>\n"
" sig! CCD2ED94D21739E9 2010-12-29 Daniel Kahn Gillmor "
"<dkg@fifthhorseman.net>\n"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" pub 4096R/1202821CBE2CD9C1 2010-10-07 [expires: 2012-10-06]\n"
" uid T(A)ILS developers (signing key) "
"<amnesia@boum.org>\n"
" sig!3 1202821CBE2CD9C1 2010-10-07 T(A)ILS developers (signing "
"key) <amnesia@boum.org>\n"
" sig! CCD2ED94D21739E9 2010-12-29 Daniel Kahn Gillmor "
"<dkg@fifthhorseman.net>\n"
msgstr ""
#. type: Plain text
#, no-wrap
msgid " 3 signatures not checked due to missing keys\n"
msgstr ""
#. type: Title #
#, no-wrap
msgid "Get into the Web of Trust!"
msgstr ""
#. type: Plain text
msgid ""
"Since the Web of Trust is actually based on human relationships and "
"real-life interactions the best would be to start establishing contacts with "
"people knowledgeable about OpenPGP, start using it yourself and build trust "
"relationships in order to find your own trust path to Tails signing key."
msgstr ""
#. type: Plain text
msgid ""
"You could start by contacting a local [[!wikipedia Linux_User_Group "
"desc=\"%s\"]] or other Tails enthusiasts near you and exchange about their "
"OpenPGP practices."
msgstr ""
#. type: Title #
#, no-wrap
msgid "Further reading on OpenPGP"
msgstr ""
#. type: Plain text
msgid ""
"- [[!wikipedia GnuPG desc=\"Wikipedia: %s\"]], a free OpenPGP software - "
"[[Apache: How To OpenPGP|http://www.apache.org/dev/openpgp.html]] - "
"[[Debian: Keysigning|http://www.debian.org/events/keysigning]], a tutorial "
"on sign keys of other people - [[rubin.ch: Explanation of the web of trust "
"of PGP|http://www.rubin.ch/pgp/weboftrust.en.html]]"
msgstr ""
# SOME DESCRIPTIVE TITLE
# Copyright (C) YEAR Free Software Foundation, Inc.
# This file is distributed under the same license as the PACKAGE package.
# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
#
#, fuzzy
msgid ""
msgstr ""
"Project-Id-Version: PACKAGE VERSION\n"
"POT-Creation-Date: 2011-06-17 06:32-0600\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
"Language: \n"
"MIME-Version: 1.0\n"
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
#. type: Plain text
#, no-wrap
msgid "[[!meta title=\"Trusting Tails signing key\"]]\n"
msgstr ""
#. type: Plain text
msgid ""
"We will present you three techniques from the easiest to the safest. Again, "
"none of them is a perfect and magic solution. Feel free to explore them "
"according to your possibilities and technical skills."
msgstr ""
#. type: Plain text
msgid ""
"Note that since all Tails releases are signed with the same key, you will "
"not have to verify the key every time and the trust you might progressively "
"build in it will be built once and for all. Still, you will have to check "
"the ISO image every time you download a new one!"
msgstr ""
#. type: Title #
#, no-wrap
msgid "Correlates several downloads of Tails signing key"
msgstr ""
#. type: Plain text
msgid ""
"A simple technique to increase the trust you can put in Tails signing key "
"would be to download it several times, from several locations, several "
"computers, possibly several countries, etc."
msgstr ""
#. type: Plain text
msgid ""
"For example you could save them every time with a different name in the same "
"directory on a USB stick. Then run the following command from a terminal to "
"check whether all the keys are identical:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" cd [your download directory]\n"
" sha256sum tails-signing*.key\n"
msgstr ""
#. type: Plain text
msgid "This command would output something like this:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" f11c8e27f86e173bc14be342d7d97042d5e4ee6fa0ddfd55b2ec3fabe4e55e43 "
"tails-signing-desktop.key\n"
" f11c8e27f86e173bc14be342d7d97042d5e4ee6fa0ddfd55b2ec3fabe4e55e43 "
"tails-signing-laptop.key\n"
" f11c8e27f86e173bc14be342d7d97042d5e4ee6fa0ddfd55b2ec3fabe4e55e43 "
"tails-signing-library.key\n"
" f11c8e27f86e173bc14be342d7d97042d5e4ee6fa0ddfd55b2ec3fabe4e55e43 "
"tails-signing-seattle.key\n"
msgstr ""
#. type: Plain text
msgid ""
"You would then need to visually check that all the checksums of the first "
"column are the same, meaning that the keys are identical."
msgstr ""
#. type: Plain text
msgid ""
"You could also use this technique to compare keys downloaded by your friends "
"or other people you trust."
msgstr ""
#. type: Title #
#, no-wrap
msgid "Using the OpenPGP Web of Trust"
msgstr ""
#. type: Plain text
msgid ""
"If you want to be extra cautious and really authenticate Tails signing key "
"in a stronger way than what standard HTTPS offers you, you will need to use "
"the OpenPGP Web of Trust."
msgstr ""
#. type: Plain text
msgid ""
"One of the inherent problems of standard HTTPS is that the trust we usually "
"put on a website is defined by certificate authorities: a hierarchical and "
"closed set of companies and governmental institutions approved by web "
"browser vendors. This model of trust has long been criticized and proved "
"several times to be vulnerable to attacks [[as explained on our warning "
"page|doc/warning#index3h1]]."
msgstr ""
#. type: Plain text
msgid ""
"We believe instead that users should be given the final say when trusting a "
"website, and that designation of trust should be done on the basis of human "
"interaction."
msgstr ""
#. type: Plain text
msgid ""
"The OpenPGP [[!wikipedia Web_of_Trust desc=\"Web of Trust\"]] is a "
"decentralized trust model based on OpenPGP keys. Let's see that with an "
"example."
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"*You're a friend of Alice and really trust her way of managing OpenPGP "
"keys.\n"
"You're trusting Alice's key.*\n"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"*Furthermore, Alice met Bob, a Tails developer, in a conference, and "
"signed\n"
"Bob's key. Alice is trusting Bob's key.*\n"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"*Bob is a Tails developer who directly owns the Tails signing key. Bob "
"fully\n"
"trusts Tails signing key.*\n"
msgstr ""
#. type: Plain text
msgid ""
"This scenario creates a trust path from you to Tails signing key that could "
"allow you to trust it without having to depend on certificate authorities."
msgstr ""
#. type: Plain text
msgid ""
"This trust model is not perfect either and requires both caution and "
"intelligent supervision by users. The technical details of creating, "
"managing and trusting OpenPGP keys is outside of the scope of this document."
msgstr ""
#. type: Plain text
msgid ""
"We also acknowledge that not everybody might be able to create good trust "
"path to Tails signing key since it based on a network of direct human "
"relationships and the knowledge of quite complex tools such as OpenPGP."
msgstr ""
#. type: Title #
#, no-wrap
msgid "Check Tails signing key against the Debian keyring"
msgstr ""
#. type: Plain text
msgid ""
"Following the previous scenario, when Alice met Bob, a Tails developer, she "
"could make a new signature on Tails signing key with her own key to certify "
"this trust relationship and make it public. Tails signing key would now come "
"along with a signature made by Alice."
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
"Tails signing key is actually already signed by the keys of several "
"official\n"
"developers of Debian, the operating system on which Tails is based. Debian "
"makes\n"
"an extensive use of OpenPGP and you can download the keys of all Debian\n"
"developers by installing the <code>debian-keyring</code> package. You can "
"then\n"
"verify the signatures those developers made with their own key on Tails "
"signing\n"
"key.\n"
msgstr ""
#. type: Plain text
msgid "To download the Debian keyring you can do:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid " sudo apt-get install debian-keyring\n"
msgstr ""
#. type: Plain text
msgid ""
"To get a list of the signatures made by other people on Tails signing key "
"you can do:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid " gpg --keyid-format long --list-sigs 1202821CBE2CD9C1\n"
msgstr ""
#. type: Plain text
msgid "You will get something like this:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""
" pub 4096R/1202821CBE2CD9C1 2010-10-07 [expires: 2012-10-06]\n"
" uid Tails developers (signing key) "
"<tails@boum.org>\n"
" sig 3 1202821CBE2CD9C1 2011-04-16 Tails developers (signing key) "
"<tails@boum.org>\n"
" sig BACE15D2A57498FF 2011-04-16 [User ID not found]\n"
" sig CCD2ED94D21739E9 2011-06-12 [User ID not found]\n"
" uid T(A)ILS developers (signing key) "
"<amnesia@boum.org>\n"
" sig 3 1202821CBE2CD9C1 2010-10-07 Tails developers (signing key) "
"<tails@boum.org>\n"
" sig BACE15D2A57498FF 2010-10-07 [User ID not found]\n"
" sig 8CBF9A322861A790 2010-12-24 [User ID not found]\n"
" sig 7EF27D76B2177E1F 2010-12-27 [User ID not found]\n"
" sig CCD2ED94D21739E9 2010-12-29 [User ID not found]\n"
" sig AC0EC35285821C42 2011-03-22 [User ID not found]\n"
" sig C2DEE7F336042734 2010-10-24 [User ID not found]\n"
msgstr ""
#. type: Plain text
msgid ""
"The lines ending with '[User ID not found]' are signatures made by keys you "
"still don't have in your keyring. You could try to search for them in the "
"Debian keyring by their key ID: the 16 digit code between the 'sig' tag and "
"the date. You could for example do:"
msgstr ""
#. type: Plain text
#, no-wrap
msgid ""