Silk Road forums
Discussion => Newbie discussion => Topic started by: nobodyenduser on September 26, 2013, 09:25 pm
-
I'm trying to verify the .iso download of TAILS and after four or five minutes I get the message "Not enough information to check signature validity."
I've downloaded the all three files to the same directory .iso .sig .key I opened the .key file copied the text the right clicked on Kleopatra to import the key which was successful.
I then right click on the .sig and choose verify
Am I missing something?
Using windows vista
-
Sign the tails developer signature key that you imported.
In GPA right click that key, select "Sign"... and check that little box in the left hand bottom corner... then hit ok.
-
Sign the tails developer signature key that you imported.
In GPA right click that key, select "Sign"... and check that little box in the left hand bottom corner... then hit ok.
That did the trick! Just right click then sign then ok (no check box)
Once again I bow down before your mastery of these subjects :)
-
Just in the vein of full disclosure...
When you sign a key like that, you're saying you know the key belongs to that person. Like if you and I were to meet, I would ask you details of your key... if 1abcd4542 is actually your fingerprint of your key etc. to verify. Then you would go home and sign my key.
There are key servers where key data are stored... where when someone signs a key it's recorded that you vouched for that key... but here on SR keyservers are useless to us since we're all anonymous.
Look at Nightcrawler's forum signature here, that's what all that stuff is.
http://dkn255hz262ypmii.onion/index.php?topic=215000.msg1567527#msg1567527
TL;DR
Next time... check out their fingerprint etc. and compare it to the one listed on their site or whatever before you sign.