We're calling on all EU-based Mozillians with iOS or iPadOS devices to help us monitor Apple’s new browser choice screens. Join the effort to hold Big Tech to account!

Этот сайт имеет ограниченную функциональность, пока мы проводим техническое обслуживание для улучшения его работы. Если какая-либо статья не решила вашу проблему и вы хотите задать вопрос, наше сообщество поддержки ждёт вас: @FirefoxSupport в Твиттере и /r/firefox на Reddit.

Поиск в Поддержке

Избегайте мошенников, выдающих себя за службу поддержки. Мы никогда не попросим вас позвонить, отправить текстовое сообщение или поделиться личной информацией. Сообщайте о подозрительной активности, используя функцию «Пожаловаться».

Подробнее

how can I validate Firefox authentication

more options

I have not been able to successfully authenticate the validity of Firefox 39 on a Mac. Using GPG tools service to validate it gives an error Failed:153. If I perform a command line "gpg --verify SHA512SUMS.asc gpg: assuming signed data in 'SHA512SUMS' gpg: Signature made Wed 1 Jul 03:23:48 2015 EDT using RSA key ID 15A0A4BC gpg: Good signature from "Mozilla Software Releases <releases@mozilla.org>" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 2B90 598A 745E 992F 315E 22C5 8AB1 3296 3A06 537A

    Subkey fingerprint: 5445 390E F5D0 C2EC FB8A  6201 057C C3EB 15A0 A4BC

Which is not valid since the public key has expired. Where can i get a valid public key? Has anyone performed the validation of Firefox successfully? If so how?

I have not been able to successfully authenticate the validity of Firefox 39 on a Mac. Using GPG tools service to validate it gives an error Failed:153. If I perform a command line "gpg --verify SHA512SUMS.asc gpg: assuming signed data in 'SHA512SUMS' gpg: Signature made Wed 1 Jul 03:23:48 2015 EDT using RSA key ID 15A0A4BC gpg: Good signature from "Mozilla Software Releases <releases@mozilla.org>" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 2B90 598A 745E 992F 315E 22C5 8AB1 3296 3A06 537A Subkey fingerprint: 5445 390E F5D0 C2EC FB8A 6201 057C C3EB 15A0 A4BC Which is not valid since the public key has expired. Where can i get a valid public key? Has anyone performed the validation of Firefox successfully? If so how?

Выбранное решение

Ben Hearsum is a Mozilla employee and the blog link posted by cor-el was in the bug report I linked.

Прочитайте этот ответ в контексте 👍 0

Все ответы (8)

more options

Good point. I do get the same result. The subkey used to sign the *SUMS file has expired on 07/16/15, and I guess nobody at Mozilla has noticed that (yet). The best would probably be to raise a new bug for this in Bugzilla. https://bugzilla.mozilla.org

Изменено christ1

more options

Oh they know.

For reading as the general issue tracker Bugzilla is not a discussion forum like here.

Bug 1139929 - renew gpg signing key

more options

Is the new public key available ? Where can I get it

more options
more options

The current Public key listed from the download firefox versions "https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/39.0/"

as well as the others is still incorrect. You don't expect people to download a public key from a Blog?

more options

Выбранное решение

Ben Hearsum is a Mozilla employee and the blog link posted by cor-el was in the bug report I linked.

more options

All previous versions of firefox 39 will not be able to authenticate until the key is updated.