As reported in a bug report, when downloading an ISO signature from Tails, the browser proposes to open it using "Decrypt File" instead of "Verify Signature".
See https://tails.boum.org/todo/fix_signature_verification_from_Iceweasel/. In Tails 0.18, with Squeeze, /etc/mime.types has: application/pgp-encrypted application/pgp-keys key application/pgp-signature pgp On my machine, with Wheeze, it has: application/pgp-encrypted pgp application/pgp-keys key application/pgp-signature sig At the time we named the signature file *.pgp I guess boum.org was on Squeeze. Maybe now it's on Wheezy and the MIME association changed. It's now returning application/pgp-encrypted, see: $ curl --verbose https://tails.boum.org/torrents/files/tails-i386-0.19.torrent.pgp [...] < Content-Type: application/pgp-encrypted On my local webserver under Wheezy, downloading tails-i386-0.19.torrent.pgp proposes "Decrypt File" but downloading the same file renamed as tails-i386-0.19.torrent.sig proposes "Verify Signature". Seems like it's time to rename our signature files as .sig. But since all that depends on the webserver providing the file, it might also differ on different mirrors. Would we prefer to serve the signature always from boum.org?
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
