From 59a101e2ba930e504ec0397022cdc4d4f9d92280 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Thu, 15 Oct 2015 14:01:53 +0200
Subject: [PATCH] Add missing source verification to builder instruction

Additionally use long keyid for Qubes master key
---
 en/developers/building/qubes-builder.md | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/en/developers/building/qubes-builder.md b/en/developers/building/qubes-builder.md
index aa31e1c2..4d8cb1ef 100644
--- a/en/developers/building/qubes-builder.md
+++ b/en/developers/building/qubes-builder.md
@@ -51,17 +51,20 @@ It is also recommended to use an empty passphrase for the private key used for s
 So, to build Qubes one would do:
 
     # Import the Qubes master key 
-    gpg --recv-keys 0x36879494 
+    gpg --recv-keys 0xDDFA1A3E36879494
     
     # Verify its fingerprint, set as 'trusted'. 
     # This is described here: 
     # https://www.qubes-os.org/doc/VerifyingSignatures
     
-    wget http://keys.qubes-os.org/keys/qubes-developers-keys.asc 
+    wget https://keys.qubes-os.org/keys/qubes-developers-keys.asc
     gpg --import qubes-developers-keys.asc 
     
     git clone git://github.com/QubesOS/qubes-builder.git qubes-builder 
     cd qubes-builder 
+
+    # Verify its integrity:
+    git tag -v `git describe`
     
     cp example-configs/qubes-os-master.conf builder.conf 
     # edit the builder.conf file and set the following variables: