Autor: intrigeri Datum: To: The Tails public development discussion list Betreff: Re: [Tails-dev] Review and merge doc/tails-support-private
Hi,
[snipping everything that looks good. thanks!]
sajolida@??? wrote (20 Aug 2014 15:31:21 GMT) : > intrigeri wrote:
>> * The proposed branch doesn't document the -bugs@ key on
>> doc/about/openpgp_keys; I guess you did it this way on purpose > I must admit that I don't really like this page, and thought that this
> would be done while working on #7573 and #7698 which I want to do
> soonish. But yes that's the kind of "soonish" that can last forever so
> it's better to have a real fix now: ae68690.
This commit points to:
[[!tails_website tails-email.key desc="Download the key"]]
I think it should be tails-bugs.key instead.
Also, any reason why support/talk doesn't point to
doc/about/openpgp_keys#support now that it exists?
>> but
>> then I'm curious about the rationale for not giving any hints on how
>> to verify the key without relying on the CA cartel. > I'm not sure to understand what you are referring to here? In ae68690 I
> basically copied and adapted what was already written for tails@???
> Schleuder. The way to document how to verify our keys without without
> the CA cartel would be to document how to verify the signature made by
> our signing key. And we don't do that for tails@??? either. So
> there is no regression here. But it would surely be worth a ticket as
> subtask of #7698 or #7573.
Indeed, you're right. I would have thought that doc/about/openpgp_keys
did point to doc/get/trusting_tails_signing_key, which isn't the case.
Maybe that's a problem?