搜索 | 用户支持

防范以用户支持为名的诈骗。我们绝对不会要求您拨打电话或发送短信,及提供任何个人信息。请使用“举报滥用”选项报告涉及违规的行为。

详细了解

how can I validate Firefox authentication

more options

I have not been able to successfully authenticate the validity of Firefox 39 on a Mac. Using GPG tools service to validate it gives an error Failed:153. If I perform a command line "gpg --verify SHA512SUMS.asc gpg: assuming signed data in 'SHA512SUMS' gpg: Signature made Wed 1 Jul 03:23:48 2015 EDT using RSA key ID 15A0A4BC gpg: Good signature from "Mozilla Software Releases <releases@mozilla.org>" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 2B90 598A 745E 992F 315E 22C5 8AB1 3296 3A06 537A

    Subkey fingerprint: 5445 390E F5D0 C2EC FB8A  6201 057C C3EB 15A0 A4BC

Which is not valid since the public key has expired. Where can i get a valid public key? Has anyone performed the validation of Firefox successfully? If so how?

I have not been able to successfully authenticate the validity of Firefox 39 on a Mac. Using GPG tools service to validate it gives an error Failed:153. If I perform a command line "gpg --verify SHA512SUMS.asc gpg: assuming signed data in 'SHA512SUMS' gpg: Signature made Wed 1 Jul 03:23:48 2015 EDT using RSA key ID 15A0A4BC gpg: Good signature from "Mozilla Software Releases <releases@mozilla.org>" [unknown] gpg: Note: This key has expired! Primary key fingerprint: 2B90 598A 745E 992F 315E 22C5 8AB1 3296 3A06 537A Subkey fingerprint: 5445 390E F5D0 C2EC FB8A 6201 057C C3EB 15A0 A4BC Which is not valid since the public key has expired. Where can i get a valid public key? Has anyone performed the validation of Firefox successfully? If so how?

被采纳的解决方案

Ben Hearsum is a Mozilla employee and the blog link posted by cor-el was in the bug report I linked.

定位到答案原位置 👍 0

所有回复 (8)

more options

Good point. I do get the same result. The subkey used to sign the *SUMS file has expired on 07/16/15, and I guess nobody at Mozilla has noticed that (yet). The best would probably be to raise a new bug for this in Bugzilla. https://bugzilla.mozilla.org

由christ1于修改

more options

Oh they know.

For reading as the general issue tracker Bugzilla is not a discussion forum like here.

Bug 1139929 - renew gpg signing key

more options

Is the new public key available ? Where can I get it

more options
more options
more options

The current Public key listed from the download firefox versions "https://ftp.mozilla.org/pub/mozilla.org/firefox/releases/39.0/"

as well as the others is still incorrect. You don't expect people to download a public key from a Blog?

more options

选择的解决方案

Ben Hearsum is a Mozilla employee and the blog link posted by cor-el was in the bug report I linked.

more options

All previous versions of firefox 39 will not be able to authenticate until the key is updated.