This list is useful when using PGP to verify downloads. This involves what's called signatures and the Tor Project has an explanation of How to verify signatures.
Please keep in mind that there is no guarantee for the correctness of any of the fingerprints below! You still have to verify them independently!
Working towards improved trust in this list the source file has been signed by one or more people in the community.
To verify the file's signature on the terminal:
gpg2 --verify README.md.asc README.md
And to create a new signature:
gpg2 --sign -a README.md
| Software/Project | Fingerprint | Download | Other Links |
|---|---|---|---|
| Enigmail | 4F9F 89F5 505A C1D1 A260 631C DB11 87B9 DD5F 693B |
keyserver | official instructions |
| Gpg4Win | 13E3 CE81 AFEA 6F68 3E46 6E0D 42D8 7608 2688 DA1A |
keyserver | official instructions |
| GPG Suite | 85E3 8F69 046B 44C1 EC9F B07B 76D7 8F05 00D0 26C4 |
gpgtools.org; keyserver | |
| Tails | A490 D0F4 D311 A415 3E2B B7CA DBB8 02B2 58AC D84F |
tails.boum.org; keyserver | official instructions |
| Torbirdy | E4AC D397 5427 A5BA 8450 A1BE B01C 8B00 6DA7 7FAA |
keyserver | official instructions |
| Tor Browser | EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290 |
keyserver | official instructions |
| Tor Messenger | E4AC D397 5427 A5BA 8450 A1BE B01C 8B00 6DA7 7FAA |
keyserver | official instructions |
| Veracrypt | 993B 7D7E 8E41 3809 828F 0F29 EB55 9C7C 54DD D393 |
idrix.fr; keyserver | official instructions |
| QubesOS 3.2 | C522 61BE 0A82 3221 D94C A1D1 CB11 CA1D 03FA 5082 |
qubes-os.org; keyserver | official instructions |