I notice that 0.2.1.27 was downloaded today by the Synaptic Update
Manager. Thanks for creating it.
I have a question about the procedure for verifying signatures.
My sources.list file contains: deb http://deb.torproject.org/torproject.org
lucid main
System / Administration / Software Sources / Other Software also lists
http://deb.torproject.org/torproject.org lucid main
In System / Administration / Software Sources / Authentication there is an
deb.torproject.org archive signing key dated 2009-09-04 with the value
886DDD89.
Am I correct to think that this key sufficient to verify updates when using
sources.list. My impression is that the page
https://www.torproject.org/docs/verifying-signatures.html.en refers to
verifying files that have been manually downloaded (rather than through
Update Manager).
Also, who exactly owns 886DDD89? Is it a specific person or for
torproject.org as a whole?
Thanks.
On 28/11/10 21:55, [email protected] wrote:
On Sun, Nov 28, 2010 at 08:56:13PM +0000, [email protected] wrote 5.4K bytes in
125 lines about:
: I am curious how to get 0.2.1.27 in the preferred way when using
: Ubuntu. Thanks!
You are doing it correctly. Packages for ubuntu/debian for 0.2.1.27
aren't created yet. We announce the source release before the binary
packages we create are available. It's generally a few days from source
release to binary package availability. The exception here is OS X PPC,
which lacks a build machine right now.
