Bug #11019

Clarify that BitTorrent verification doesn't replace OpenPGP verification

Added by muri 2016-01-28 22:11:57 . Updated 2016-02-16 07:37:16 .

Status:
Resolved
Priority:
Normal
Assignee:
Category:
Installation
Target version:
Start date:
2016-01-28
Due date:
% Done:

90%

Feature Branch:
web/11019-bittorrent-openpgp
Type of work:
End-user documentation
Blueprint:

Starter:
Affected tool:
Installation Assistant
Deliverable for:

Description

https://tails.boum.org/install/linux/usb/index.en.html states:
> Your BitTorrent client verifies your download automatically based on a cryptographic checksum in the Torrent file.

but users should verify the downloaded iso using gpg. we should make clear that these are different kinds of verification.


Subtasks


Related issues

Related to Tails - Feature #8832: Assistant: Removing signature from Torrent Rejected 2015-02-02
Related to Tails - Feature #11127: Stop distributing detached signatures of Torrent files Rejected 2016-02-14

History

#1 Updated by sajolida 2016-01-31 10:19:13

  • Subject changed from Change wording about torrent client verifying the iso to Clarify that BitTorrent verification doesn't replace OpenPGP verification
  • Category set to Installation
  • Status changed from New to Confirmed
  • Assignee set to sajolida
  • Target version set to Tails_2.2
  • QA Check set to Dev Needed

Right, there’s a bug here. Thanks for pointing it out.

People using DAVE (the extension) are suggested to do additional OpenPGP verification but not people downloading with BitTorrent. I think we should duplicate the sentence we have about “If you are knowledgeable about OpenPGP,” in the BitTorrent toggle as well. I’ll do this.

#2 Updated by sajolida 2016-02-14 11:56:23

  • related to Feature #8832: Assistant: Removing signature from Torrent added

#3 Updated by sajolida 2016-02-14 11:57:01

  • Assignee changed from sajolida to muri
  • QA Check changed from Dev Needed to Ready for QA
  • Feature Branch set to web/11019-bittorrent-openpgp

Done something in web/11019-bittorrent-openpgp. Pleae review.

#4 Updated by sajolida 2016-02-14 12:13:06

  • related to Feature #11127: Stop distributing detached signatures of Torrent files added

#5 Updated by muri 2016-02-15 10:19:31

  • Status changed from Confirmed to In Progress
  • Assignee changed from muri to sajolida
  • % Done changed from 0 to 90
  • QA Check changed from Ready for QA to Pass

sajolida wrote:
> Done something in web/11019-bittorrent-openpgp. Pleae review.

great, i’ve reviewed. thanks!

#6 Updated by sajolida 2016-02-16 07:37:16

  • Status changed from In Progress to Resolved
  • Assignee deleted (sajolida)
  • QA Check deleted (Pass)

Merged, then :)