This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Hierdie gesprek is in die argief. Vra asseblief 'n nuwe vraag as jy hulp nodig het.

how can I validate Firefox authentication

more options

I have not been able to successfully authenticate the validity of Firefox 39 on a Mac. Using GPG tools service to validate it gives an error Failed:153. If I perform a command line "gpg --verify SHA512SUMS.asc gpg: assuming signed data in 'SHA512SUMS' gpg: Signature made Wed 1 Jul 03:23:48 2015 EDT using RSA key ID 15A0A4BC gpg: Good signature from "Mozilla Software Releases <releases@mozilla.org>" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 2B90 598A 745E 992F 315E 22C5 8AB1 3296 3A06 537A

    Subkey fingerprint: 5445 390E F5D0 C2EC FB8A  6201 057C C3EB 15A0 A4BC

Which is not valid since the public key has expired. Where can i get a valid public key? Has anyone performed the validation of Firefox successfully? If so how?

I have not been able to successfully authenticate the validity of Firefox 39 on a Mac. Using GPG tools service to validate it gives an error Failed:153. If I perform a command line "gpg --verify SHA512SUMS.asc gpg: assuming signed data in 'SHA512SUMS' gpg: Signature made Wed 1 Jul 03:23:48 2015 EDT using RSA key ID 15A0A4BC gpg: Good signature from "Mozilla Software Releases <releases@mozilla.org>" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 2B90 598A 745E 992F 315E 22C5 8AB1 3296 3A06 537A Subkey fingerprint: 5445 390E F5D0 C2EC FB8A 6201 057C C3EB 15A0 A4BC Which is not valid since the public key has expired. Where can i get a valid public key? Has anyone performed the validation of Firefox successfully? If so how?

Gekose oplossing

Ben Hearsum is a Mozilla employee and the blog link posted by cor-el was in the bug report I linked.

Lees dié antwoord in konteks 👍 0

All Replies (8)

more options

Good point. I do get the same result. The subkey used to sign the *SUMS file has expired on 07/16/15, and I guess nobody at Mozilla has noticed that (yet). The best would probably be to raise a new bug for this in Bugzilla. https://bugzilla.mozilla.org

Gewysig op deur christ1

more options

Oh they know.

For reading as the general issue tracker Bugzilla is not a discussion forum like here.

Bug 1139929 - renew gpg signing key

more options

Is the new public key available ? Where can I get it

more options
more options
more options

The current Public key listed from the download firefox versions "https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/39.0/"

as well as the others is still incorrect. You don't expect people to download a public key from a Blog?

more options

Gekose oplossing

Ben Hearsum is a Mozilla employee and the blog link posted by cor-el was in the bug report I linked.

more options

All previous versions of firefox 39 will not be able to authenticate until the key is updated.