Git-Mirrors
/
qubes-doc
mirror of https://github.com/QubesOS/qubes-doc.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Resolve some of the #1184 requested changes.

This commit is contained in:
Dave Smith 2021-07-26 09:56:40 -05:00
parent 39926bd512
commit e5739da0f4
No known key found for this signature in database
GPG Key ID: 9D496637D81484A6
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
project-security/verifying-signatures.md
View File

@ -41,7 +41,7 @@ decision of whether to trust any given party is beyond the scope of digital
signatures. It's more of a social and political decision.
Once we make the decision to trust certain parties, digital signatures are
useful, because they make it possible for us to limit our trust to only those
useful, because they make it possible for us to limit our trust only to those
few parties we choose and not to worry about all the bad things that can happen
between us and them, e.g., server compromises (qubes-os.org will surely be
compromised one day, so [don't blindly trust the live version of this
@ -656,11 +656,11 @@ the arguments to `gpg2`. (The signature file goes first.)
There are several possibilities:
- You don't have the [Qubes Master Signing
Key (QMSK)](#how-to-import-and-authenticate-the-qubes-master-signing-key).
- You have [not set the trust level of the QMSK
Key](#how-to-import-and-authenticate-the-qubes-master-signing-key).
- You have [not set the Qubes Master Signing Key's trust level
correctly.](#how-to-import-and-authenticate-the-qubes-master-signing-key)
- In the case of a key that is not directly signed by the QMSK,
you have [not set that key's trust level
- In the case of a key that is not directly signed by the Qubes Master Signing
Key, you have [not set that key's trust level
correctly.](#how-to-verify-signatures-on-git-repository-tags-and-commits)
### Why am I getting "X signature not checked due to a missing key"?