mirror of
https://github.com/QubesOS/qubes-doc.git
synced 2024-12-26 15:59:24 -05:00
dfd7e5ebe1
The original instructions on how to verify the release signing key used the `--list-sigs` option for gpg. However, unlike `--check-signatures`, the `--list-sigs` option does not verify the authenticity of key signatures. See gpg2(1): --list-signatures --list-sigs Same as --list-keys, but the signatures are listed too. [...] Note that in contrast to --check-signatures the key signatures are not verified. [...] --check-signatures --check-sigs Same as --list-keys, but the key signatures are verified and listed too. [...] This updates the documentation to use `--check-signatures` instead. |
||
---|---|---|
.. | ||
canaries.md | ||
canary-checklist.md | ||
canary-template.md | ||
security-bulletins-checklist.md | ||
security-bulletins-template.md | ||
security-bulletins.md | ||
security-goals.md | ||
security-pack.md | ||
security.md | ||
verifying-signatures.md | ||
xsa.md |