anonym wrote (25 Apr 2012 22:02:19 GMT) :
> So, I've uploaded the new 0.11 (and testing branch pushed; waiting
> to push the tag until we're sure we've got release material) image
> and signature, but there's a problem: even though the signature's
> modification time was updated when it was rsynced, the actual data
> still seem to be the signature from the previous, broken 0.11.
I wget'd those files:
https://archive.torproject.org/amnesia.boum.org/tails/testing/tails-i386-0.11/tails-i386-0.11.iso
https://archive.torproject.org/amnesia.boum.org/tails/testing/tails-i386-0.11/tails-i386-0.11.iso.pgp
... and:
$ gpg --verify tails-i386-0.11.iso.pgp tails-i386-0.11.iso
gpg: Signature made Wed Apr 25 17:45:03 2012 CEST using RSA key ID BE2CD9C1
gpg: Good signature from "Tails developers (signing key) <tails@???>"
gpg: aka "T(A)ILS developers (signing key) <amnesia@???>"
The detached signature I downloaded is the same file as the one you attached.
So, what's the actual problem?