http://bugzilla.opensuse.org/show_bug.cgi?id=1079251
http://bugzilla.opensuse.org/show_bug.cgi?id=1079251#c2
--- Comment #2 from George Anchev ---
Downloading manually Tor browser for Linux and the signature file from the
original site and following the instruction given here:
https://www.torproject.org/docs/verifying-signatures.html.en
[/tmp/download]: gpg --keyserver pool.sks-keyservers.net --recv-keys
0x4E2C6E8793298290
gpg: requesting key 93298290 from hkp server pool.sks-keyservers.net
gpg: key 93298290: public key "Tor Browser Developers (signing key)
" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: Total number processed: 1
gpg: imported: 1 (RSA: 1)
[/tmp/download]: gpg --fingerprint 0x4E2C6E8793298290
pub 4096R/93298290 2014-12-15 [expires: 2020-08-24]
Key fingerprint = EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
uid [ unknown] Tor Browser Developers (signing key)
sub 4096R/C3C07136 2016-08-24 [expires: 2018-08-24]
[/tmp/download]: gpg --verify tor-browser-linux64-7.5_en-US.tar.xz.asc
tor-browser-linux64-7.5_en-US.tar.xz
gpg: Signature made Tue 23 Jan 2018 02:50:13 AM EET using RSA key ID C3C07136
gpg: Good signature from "Tor Browser Developers (signing key)
" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Subkey fingerprint: A430 0A6B C93C 0877 A445 1486 D148 3FA6 C3C0 7136
[/tmp/download]:
--
You are receiving this mail because:
You are on the CC list for the bug.