Delivery-Date: Sat, 14 Nov 2015 13:46:22 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,UNPARSEABLE_RELAY
	autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 67DB91E04B2;
	Sat, 14 Nov 2015 13:46:20 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 8D0E038094;
	Sat, 14 Nov 2015 18:46:15 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 6759D3808D
 for <tor-talk@lists.torproject.org>; Sat, 14 Nov 2015 18:46:12 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Uv3E9SxbJfVZ for <tor-talk@lists.torproject.org>;
 Sat, 14 Nov 2015 18:46:12 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 45C793808B
 for <tor-talk@lists.torproject.org>; Sat, 14 Nov 2015 18:46:12 +0000 (UTC)
Received: from cotinga.riseup.net (unknown [10.0.1.164])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 99DC01A09B9
 for <tor-talk@lists.torproject.org>; Sat, 14 Nov 2015 10:46:09 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1447526769; bh=A50sBmFy2ek8jZHgdUd6SuM1noLiHBPpoTMkMaXsKRk=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=IMGi2XIpkMiwy7wLoakaurOkAG3A7h4G+SuD/5zL8fPEZENUcYZX+L2MVZ5rJLfBP
 WqtLhtavvqfvJKRfsnoDcET4kiRgdMk8GhseBhDLY+FvDY4BqhfFNBKAYid44N2jeK
 LVoAN6JFqrX6lJ4AVsON/wM9Iwj0zSgAJp2X6dtk=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: kafkane) with ESMTPSA id E1A99400A7
Message-ID: <56478155.6040008@riseup.net>
Date: Sat, 14 Nov 2015 18:45:41 +0000
From: oliver <kafkane@riseup.net>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <56473E77.5060603@openmailbox.org>
In-Reply-To: <56473E77.5060603@openmailbox.org>
X-Virus-Scanned: clamav-milter 0.98.7 at mx1.riseup.net
X-Virus-Status: Clean
Subject: Re: [tor-talk] How can I verify that this "Onionshare" program is
 indeed the one intended for me to get?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Qaz:
> how I can verify that this
> Onionshare program is indeed the one intended for me to get?

this program is not affiliated with the Tor Project, so in order to get
specific assistance you'll have to talk to the original developer, Micah
Lee.

i'll help you, though. it appears you're fetching the project source
code from Micah's github repository for the project. the only way i can
think of verifying the authenticity is to hash the .deb file you build
before you install it.

i'm building on debian. my sha256 hash is below:

c6437462011f4d103df4f7407edfcfdd0df646dd274c9f61d1f10baecf094f13
deb_dist/onionshare_0.7.1-1_all.deb

good luck.

- -- 
oliver (A)

kafkane@riseup.net
4096R/AF2D5D34EEFBBDDF9542F95BFAEF521A729674D7
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJWR4FVAAoJEBPontSk+sK875sP/jYYT58zeSK2xMlubMKFbmiN
LRiiTXXhFQoC17L6GiAa9Xn2TlSXj/23TTnEx06xqDa6ZJXCTf9m2zv/zE4LZlOw
0Ch8ZZdZWmgmU40+ge2loZV8ek8HTjz42JgpEzD7J74PdFXvdkHfkJdJjLQXtrqT
i2vusuPa2lbAq9bYppMPbM4uWDCPr+YT3dG6EFCYYgAYMfXEwIPEusY2veNHRqsj
3dbgPZofH2vSelOyayLOWZg9NSdkfyJwrwFZdUu4dAGvX/KJ6hjdGwH9H5/L06LD
GXx9iIHoHtgDfBtyt3pdr28ryMlKBAcUBRKEIofxdCgLbRJJWgDUneUMWFTv5kdP
XBTybF+WGHutM42q7j8rn5iZOU6Fsza3Xqp25NUFlzeUjVg5UxhcCU+mDTSrK6IO
Qma5AazQbrmYMufBPNoIkdKgYr62IrvzYqFl1nObQd5AtppwAwQnOFT1EFHBtvZ6
1gDW0DvM/J5N9ZIJ9rBgRfHj8UoSxS/CinyAljuPMu3vYXd3KtEXZgmMlRzRVQuM
Nbz0WCa0c8CFdVFcGG7L76Fu29fz6PupsmA0grXvorw7smZ0UzYNsTkJh8JwFCDV
PrYiE59nQSl6EmQiM7QHSPoLS+IOrk6H0pIJ6KI8QW2KJnqQ3+PeCWnSVMu6QL89
QJiE1HgRSziHc0r7Kwij
=7uJd
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

