mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2025-04-01 19:25:35 -04:00
Update links
This commit is contained in:
parent
6e110274f6
commit
42e6b2f2cb
@ -133,7 +133,7 @@ This website is hosted via GitHub Pages behind Cloudflare ([why?](#why-does-this
|
||||
Therefore, it is largely outside of our control.
|
||||
We don't consider this a problem, however, since we explicitly [distrust the infrastructure](#what-does-it-mean-to-distrust-the-infrastructure).
|
||||
For this reason, we don't think that anyone should place undue trust in the live version of this site on the Web.
|
||||
Instead, if you want to obtain your own, trustworthy copy of this website in a secure way, you should clone our [website repo](https://github.com/QubesOS/qubesos.github.io), [verify the PGP signatures on the commits and/or tags](/security/verifying-signatures/#verifying-qubes-code) (signed by the [doc-signing keys](https://github.com/QubesOS/qubes-secpack/tree/master/keys/doc-signing)), then either [render the site on your local machine](https://github.com/QubesOS/qubesos.github.io/blob/master/README.md#instructions) or simply read the source, the vast majority of which was [intentionally written in Markdown so as to be readable as plain text for this very reason](/doc/doc-guidelines/#markdown-conventions).
|
||||
Instead, if you want to obtain your own, trustworthy copy of this website in a secure way, you should clone our [website repo](https://github.com/QubesOS/qubesos.github.io), [verify the PGP signatures on the commits and/or tags](/security/verifying-signatures/#how-to-verify-qubes-code) (signed by the [doc-signing keys](https://github.com/QubesOS/qubes-secpack/tree/master/keys/doc-signing)), then either [render the site on your local machine](https://github.com/QubesOS/qubesos.github.io/blob/master/README.md#instructions) or simply read the source, the vast majority of which was [intentionally written in Markdown so as to be readable as plain text for this very reason](/doc/doc-guidelines/#markdown-conventions).
|
||||
We've gone to special effort to set all of this up so that no one has to trust the infrastructure and so that the contents of this website are maximally available and accessible.
|
||||
|
||||
### What does it mean to "distrust the infrastructure"?
|
||||
|
@ -52,7 +52,7 @@ gpg --import qubes-developers-keys.asc
|
||||
~~~
|
||||
|
||||
**Note** In the above process, we do *not* rely on the security of our server (keys.qubes-os.org) nor the connection (ssl, cert) -- we only rely on you getting the Qubes Master Signing Key fingerprint *somehow* and ensuring they match!
|
||||
See [Verifying Signatures](/security/verifying-signatures/#importing-qubes-signing-keys) for verification sources.
|
||||
See [Verifying Signatures](/security/verifying-signatures/#1-get-the-qubes-master-signing-key-and-verify-its-authenticity) for verification sources.
|
||||
|
||||
Now let's bootstrap the builder. Unfortunately, the builder cannot verify itself (the classic Chicken and Egg problem), so we need to verify the signature manually:
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user