Author: anonym
Date:
To: The Tails public development discussion list
Subject: Re: [Tails-dev] Tails and forensics
On 08/12/14 05:30, Jacob Appelbaum wrote:
> How are IUK files verified? The JSON descriptors don't appear to
> contain a signature, merely a hash:
>
> https://tails.boum.org/upgrade/v1/Tails/1.2/i386/stable/upgrades.yml
All upgrades.yml files are signed with the Tails signing key, for instance:
https://tails.boum.org/upgrade/v1/Tails/1.2/i386/stable/upgrades.yml.pgp
Cheers!