tlbuild: tlmgr CRYPTOGRAPHIC VERIFICATION
B.8 CRYPTOGRAPHIC VERIFICATION
==============================
'tlmgr' and 'install-tl' perform cryptographic verification if possible.
If verification is performed and successful, the programs report
'(verified)' after loading the TLPDB; otherwise, they report '(not
verified)'. But either way, by default the installation and/or updates
proceed normally.

If a program named 'gpg' is available (that is, found in 'PATH'), by
default cryptographic signatures will be checked: we require the main
repository be signed, but not any additional repositories. If 'gpg' is
not available, by default signatures are not checked and no verification
is carried out, but 'tlmgr' still proceeds normally.

The behavior of the verification can be controlled by the command
line and config file option 'verify-repo' which takes one of the
following values: 'none', 'main', or 'all'. With 'none', no
verification whatsoever is attempted. With 'main' (the default)
verification is required only for the main repository, and only if 'gpg'
is available; though attempted for all, missing signatures of subsidiary
repositories will not result in an error. Finally, in the case of
'all', 'gpg' must be available and all repositories need to be signed.

In all cases, if a signature is checked and fails to verify, an error
is raised.

Cryptographic verification requires checksum checking (described just
above) to succeed, and a working GnuPG ('gpg') program (see below for
search method). Then, unless cryptographic verification has been
disabled, a signature file ('texlive.tlpdb.*.asc') of the checksum file
is downloaded and the signature verified. The signature is created by
the TeX Live Distribution GPG key 0x0D5E5D9106BAB6BC, which in turn is
signed by Karl Berry's key 0x0716748A30D155AD and Norbert Preining's key
0x6CACA448860CDC13. All of these keys are obtainable from the standard
key servers.

Additional trusted keys can be added using the 'key' action.
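
Because installation and updates proceed by default even when the report
is '(not verified)', an unattended job may want to fail closed instead.
The shell functions below are an added example, not part of tlmgr or of
this manual; the function names and sample report lines are constructed,
and only the '(verified)' / '(not verified)' markers and the
'verify-repo' values are taken from the text above.

```shell
#!/bin/sh
# Added example: fail-closed wrapper around tlmgr's verification report.
# Function names are hypothetical; sample lines below are constructed.

# Succeed only if the captured report contains at least one "(verified)"
# marker and no "(not verified)" marker for any repository.
repo_report_ok() {
    report=$1
    case $report in
        *"(not verified)"*) return 1 ;;
    esac
    case $report in
        *"(verified)"*) return 0 ;;
    esac
    return 1   # no marker at all: treat as unverified
}

# With verify-repo=all, gpg must be found in PATH.
gpg_available() {
    command -v gpg >/dev/null 2>&1
}

# Run a tlmgr action with verification required for all repositories,
# and refuse to report success unless the output says "(verified)".
strict_tlmgr() {
    gpg_available || { echo "gpg not found in PATH" >&2; return 2; }
    out=$(tlmgr --verify-repo=all "$@" 2>&1) || {
        printf '%s\n' "$out" >&2
        return 3
    }
    printf '%s\n' "$out"
    repo_report_ok "$out" || { echo "repository not verified" >&2; return 4; }
}

# Constructed sample reports (exact line layout is an assumption).
SAMPLE_OK='tlmgr: package repository https://mirror.example.org/tlnet (verified)'
SAMPLE_BAD='tlmgr: package repository https://mirror.example.org/tlnet (not verified)'
SAMPLE_MIXED="$SAMPLE_OK
tlmgr: package repository https://extra.example.org/repo (not verified)"

repo_report_ok "$SAMPLE_OK" && echo "sample report accepted"
```

Calling 'strict_tlmgr update --list' before the real update checks the
repositories without changing the installation.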