Bug #13634
explain somewhere that in some cases the signing key may have to be updated
0%
Description
In the documentation to download and verify the ISO with GnuPG (http://tails.boum.org/install/download/openpgp), it is said that
> If you are doing the verification for the first time, download the Tails signing key and import it in your keyring. If you are working from Tails, the signing key is already included.
If a user have downloaded the signing key a long time ago, or uses an old Tails release, it may not be up to date, and therefore the verification ends up with a “this key is expired” error. A lot of users keep using this method to verify the ISO and send us bug reports or emails, worried about our signing key not being valid anymore.
I think I’ll add an entry to the FAQ about this, but I doubt it will avoid all these users from sending bug reports… If the documentation suggested the users to update the signing key before verifying the ISO, it would solve the issue.
Subtasks
Related issues
Related to Tails - |
Resolved | 2017-11-17 | |
Has duplicate Tails - |
Duplicate | 2017-09-23 | |
Has duplicate Tails - |
Duplicate | 2018-03-22 |
History
#1 Updated by Anonymous 2018-01-17 11:39:00
- related to
Feature #14977: Improve OpenPGP instructions based on Cody's and jaster's feedback added
#2 Updated by Anonymous 2018-01-19 16:04:23
- related to
Feature #14711: Tell people to update the signing key on verification failure added
#3 Updated by sajolida 2018-01-21 12:38:56
- related to deleted (
)Feature #14711: Tell people to update the signing key on verification failure
#4 Updated by sajolida 2018-01-21 12:39:16
The code lives here: https://git-tails.immerda.ch/tails/ and we want the installation instructions at https://tails.boum.org/install/ -> OpenPGP verification updated.
#5 Updated by sajolida 2018-01-21 12:39:20
- has duplicate
Feature #14711: Tell people to update the signing key on verification failure added
#6 Updated by emmapeel 2018-02-04 10:51:06
- blocks
Feature #14758: Core work 2017Q4 → 2018Q1: Technical writing added
#7 Updated by sajolida 2018-03-27 11:26:51
- blocked by deleted (
)Feature #14758: Core work 2017Q4 → 2018Q1: Technical writing
#8 Updated by sajolida 2018-03-27 11:26:57
- blocks
Feature #15411: Core work 2018Q2 → 2018Q3: Technical writing added
#9 Updated by sajolida 2018-03-27 11:27:07
I’m out of budget for this quarter.
#10 Updated by emmapeel 2018-04-02 10:14:40
- has duplicate
Bug #15448: Explanation how to verify image misses step to import key added
#11 Updated by sajolida 2018-06-04 12:48:35
- Target version set to Tails_3.8
#12 Updated by sajolida 2018-06-25 15:29:13
- Target version changed from Tails_3.8 to Tails_3.9
#13 Updated by sajolida 2018-08-19 19:56:50
- Target version changed from Tails_3.9 to Tails_3.10.1
#14 Updated by sajolida 2018-09-11 17:56:38
- blocked by deleted (
)Feature #15411: Core work 2018Q2 → 2018Q3: Technical writing
#15 Updated by sajolida 2018-09-11 17:56:43
- blocks
Feature #15941: Core work 2018Q4 → 2019Q2: Technical writing added
#16 Updated by sajolida 2018-10-21 20:39:46
- Target version changed from Tails_3.10.1 to Tails_3.11
#17 Updated by sajolida 2018-10-21 20:41:09
- blocked by deleted (
)Feature #15941: Core work 2018Q4 → 2019Q2: Technical writing
#18 Updated by sajolida 2018-10-21 20:41:12
- Assignee deleted (
sajolida) - Priority changed from Normal to Low
- Target version deleted (
Tails_3.11)
I don’t think that polishing our OpenPGP instructions for people who don’t really know how to use it is a good use of our tiny technical writing budget.