Armored signature

[nncp.git] / doc / integrity.texi

diff --git a/doc/integrity.texi b/doc/integrity.texi
index 7ece02c9ef480fdc105c2a2e6e3eab675c1191e0..5547ef9bc90cf89111ef0cb29ca8400af5963e36 100644 (file)
--- a/doc/integrity.texi
+++ b/doc/integrity.texi
@@ -11,7 +11,7 @@ You @strong{have to} check downloaded archives integrity and verify
 their signature to be sure that you have got trusted, untampered
 software. For integrity and authentication of downloaded binaries
 @url{https://www.gnupg.org/, GNU Privacy Guard} is used. You must
 their signature to be sure that you have got trusted, untampered
 software. For integrity and authentication of downloaded binaries
 @url{https://www.gnupg.org/, GNU Privacy Guard} is used. You must

-download signature (@file{.sig}) provided with the tarball.
+download signature (@file{.asc}) provided with the tarball.

 
 For the very first time you need to import signing public key. It is
 provided below, but it is better to check alternative resources with it.
 
 For the very first time you need to import signing public key. It is
 provided below, but it is better to check alternative resources with it.


@@ -27,7 +27,7 @@ uid   NNCP releases <releases at nncpgo dot org>
 @item
 @example
 $ gpg --auto-key-locate dane --locate-keys releases at nncpgo dot org
 @item
 @example
 $ gpg --auto-key-locate dane --locate-keys releases at nncpgo dot org

-$ gpg --auto-key-locate wkd --locate-keys releases at nncpgo dot org
+$ gpg --auto-key-locate  wkd --locate-keys releases at nncpgo dot org

 @end example
 
 @item
 @end example
 
 @item


@@ -38,5 +38,5 @@ $ gpg --auto-key-locate wkd --locate-keys releases at nncpgo dot org
 Then you could verify tarballs signature:
 
 @example
 Then you could verify tarballs signature:
 
 @example

-$ gpg --verify nncp-@value{VERSION}.tar.xz.sig nncp-@value{VERSION}.tar.xz
+$ gpg --verify nncp-@value{VERSION}.tar.xz.asc nncp-@value{VERSION}.tar.xz

 @end example
 @end example