Sounds great. Let’s keep in touch and if you want me to provide feedback or review any OpenPGP instructions for OS X, I can sure do that - just ping me, once the new verification mechanism is in place.
Have a great day, s > Am 17.11.2015 um 11:34 schrieb sajolida <[email protected]>: > > steve: >> Dear all, > > Hi Steve, > >> The current verification steps for OS X users are, to put things mildly, >> broken. > > Thanks a lot for getting in touch with us. We have very limited > knowledge of Mac OS X and that partly why anything Mac related on our > website is mildly broken :) > >> Current procedure: >> >> Users would follow this link: >> >> https://tails.boum.org/download/index.en.html#download.verify-the-iso-image-using-other-operating-systems >> then have to follow this link: >> >> https://tails.boum.org/doc/get/verify_the_iso_image_using_the_command_line/index.en.html >> and those instructions are really hard to read and follow. >> >> Many unexperienced users will not be able to do this. They will give up and >> not >> attempt to use Tails - at all. > > I completely share your concern. Our verification instructions are quite > old, they have been written maybe 4 years ago and didn't really change > since then. > > The good news is that, at this very moment, we're working on brand new > download, verification, and installation tools and instructions. > For example, we want to stop recommending people to do an OpenPGP > verification if they don't know OpenPGP beforehand. > > We've been working on a browser extension to download and verify the ISO > image automatically. It's going to be released before the end of 2015 > and will become the recommended technique (and hopefully super easy). > > See https://tails.boum.org/blueprint/bootstrapping/extension/ for the > idea and https://maone.net/dev/tails/download.html for a prototype. > > Still, even once we get there we'll want to still provide OpenPGP > instructions as an alternative or additional verification mechanism. But > at least people won't be force through this as they are today. > > So documenting better GPGTools would still make perfect sense as part of > this alternative or additional check. > >> In GPGTools support we receive occasional feedback from very confused Tails >> users, unable to verify their download. The latest example from yesterday is: >> https://gpgtools.tenderapp.com/discussions/problems/47413-what-is-the-protocol-for-verifying-a-signature-from-a-file >> This >> is not the only case and I am sure there are many more which just give up, >> without even bothering to write a feedback report. > > I'm sorry to hear that :( > >> So here are some improved, shorter and easier to follow verification steps >> for >> OS X in markdown: >> >> To verify the signature of your tails file >> >> 1. download the Tails iso file and >> 1. the gpg signature file from https://tails.boum.org/download >> 1. click this [link](https://tails.boum.org/tails-signing.key) to display >> / >> download our key >> 1. download and install [GPG Suite](https://gpgtools.org/gpgsuite) >> 1. open GPG Keychain and drag the tails-signing.key into the main window >> to >> import the key >> 1. make sure that dmg and sig file both are located in the same folder >> 1. right-click signature or dmg file and select Services > OpenPGP: Verify >> Signature of File and allow a moment for processing >> >> If everything is ok, the verification result will look similar to this: > > Cool, thanks! I think that I myself tried to perform the verification > back when I wrote these instructions some 4 years but failed to do so. > >> I think you’d do your OS X users a big favor by updating the website >> description. I’d love to see a dedicated OS X section and not have windows / >> OS >> X mixed up under „other operating systems“ here >> https://tails.boum.org/download/index.en.html#download.verify-the-iso-image-using-other-operating-systems >> >> Ideally the specific OS X instructions would open an expanding section >> (analogue >> to what the current solution for „other operating systems“ does) but only >> include the OS X instructions. >> >> I hope this is useful and can be added to the website. This should solve >> https://labs.riseup.net/code/issues/7147 > > That's super cool! So here is my proposal: let's wait until we do a > first release of the browser extension (in the coming weeks) and then > see how do we fit the additional OpenPGP instructions in our website > after that. We I have a plan regarding this I'll send you a ping. And > then I would love to work with you on solving this once and for good. > > -- > sajolida
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev To unsubscribe from this list, send an empty email to [email protected].
