-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2016-10-01 09:36, Chris Laprise wrote:
> On 10/01/2016 09:07 AM, Arqwer wrote:
>> Documentation says to check digests after I verified an .iso with gpg. Why?
>> Doesn't correct PGP signature mean, that .iso is good and came from Qubes
>>
On 10/01/2016 09:07 AM, Arqwer wrote:
Documentation says to check digests after I verified an .iso with gpg. Why?
Doesn't correct PGP signature mean, that .iso is good and came from Qubes
developers?
Its really an alternative to gpg verification, not an additional step.
The doc doesn't