On 08/12/14 05:30, Jacob Appelbaum wrote:
> How are IUK files verified? The JSON descriptors don't appear to
> contain a signature, merely a hash:
> 
>   https://tails.boum.org/upgrade/v1/Tails/1.2/i386/stable/upgrades.yml

All upgrades.yml files are signed with the Tails signing key, for instance:

    https://tails.boum.org/upgrade/v1/Tails/1.2/i386/stable/upgrades.yml.pgp

Cheers!
_______________________________________________
Tails-dev mailing list
[email protected]
https://mailman.boum.org/listinfo/tails-dev
To unsubscribe from this list, send an empty email to 
[email protected].

Reply via email to