14 Dec
2021
14 Dec
'21
8:32 a.m.
On Tue, Dec 14, 2021 at 02:15:27AM +0000, Matthew Finkel wrote:
Please be aware that a new PGP subkey will be used for signing Tor Browser packages beginning with Tor Browser 11.5a1.
Please refresh your keychain from keys.openpgp.org, as needed.
Thanks Matt.
What's the story with the torbrowserlauncher package these days? Should we expect another round of users reporting that they're being man-in-the-middled, because torbrowserlauncher is surprised by this new key and logs scary error messages? If yes, now that we see it coming, is there anything we can do to smooth its arrival, like pushing an update to that package?
I am cc'ing Micah in case he knows the answer by now too. :)
--Roger