Users get confused by the particularities of the Tails signing key
We receive many support requests about users stuck on the verification process
because several applications cannot cope with the fact that we have an expired subkey or sign with the subkey, etc. Examples are:
- Seahorse #11622
Currently can not import the Tails signing key because of this particularity.
This would be the default graphic way of doing it on Tails.
Recommended on our website for Windows users, has problems to verify the image.
Explaining the particularities of our signing key on some part of the website would be good, only I don't know where to place it.
- Known Issues page
- Download and verify using OpenPGP]
#1 Updated by intrigeri over 3 years ago
- Category set to Installation
- Assignee set to emmapeel
- Affected tool set to Installation Assistant
Meta: either this ticket gets an assignee, or the target version should be dropped.
This feedback is useful to me: it's a pretty good example that helps convincing people like me, that were initially unconvinced by the new preferred download+verification method, that the huge majority of our users should not even be suggested to do an OpenPGP -based verification. We've spent so much time in the past trying to make it doable for them, and now I can see why we gave up. I'm happy if some of us want to resume working on this though :)