Project

General

Profile

Bug #13634

explain somewhere that in some cases the signing key may have to be updated

Added by goupille 6 months ago. Updated about 1 month ago.

Status:
Confirmed
Priority:
Normal
Assignee:
Category:
Installation
Target version:
-
Start date:
08/15/2017
Due date:
% Done:

0%

QA Check:
Feature Branch:
Type of work:
End-user documentation
Blueprint:
Starter:
Affected tool:

Description

In the documentation to download and verify the ISO with GnuPG (http://tails.boum.org/install/download/openpgp), it is said that

If you are doing the verification for the first time, download the Tails signing key and import it in your keyring. If you are working from Tails, the signing key is already included.

If a user have downloaded the signing key a long time ago, or uses an old Tails release, it may not be up to date, and therefore the verification ends up with a "this key is expired" error. A lot of users keep using this method to verify the ISO and send us bug reports or emails, worried about our signing key not being valid anymore.

I think I'll add an entry to the FAQ about this, but I doubt it will avoid all these users from sending bug reports... If the documentation suggested the users to update the signing key before verifying the ISO, it would solve the issue.


Related issues

Related to Tails - Feature #14977: Improve OpenPGP instructions based on Cody's and jaster's feedback In Progress 11/17/2017
Duplicated by Tails - Feature #14711: Tell people to update the signing key on verification failure Duplicate 09/23/2017
Blocks Tails - Feature #14758: Core work 2017Q4 → 2018Q1: Technical writing Confirmed 09/17/2017

History

#1 Updated by u about 1 month ago

  • Related to Feature #14977: Improve OpenPGP instructions based on Cody's and jaster's feedback added

#2 Updated by u about 1 month ago

  • Related to Feature #14711: Tell people to update the signing key on verification failure added

#3 Updated by sajolida about 1 month ago

  • Related to deleted (Feature #14711: Tell people to update the signing key on verification failure)

#4 Updated by sajolida about 1 month ago

The code lives here: https://git-tails.immerda.ch/tails/ and we want the installation instructions at https://tails.boum.org/install/ -> OpenPGP verification updated.

#5 Updated by sajolida about 1 month ago

  • Duplicated by Feature #14711: Tell people to update the signing key on verification failure added

#6 Updated by emmapeel 21 days ago

  • Blocks Feature #14758: Core work 2017Q4 → 2018Q1: Technical writing added

Also available in: Atom PDF