firmware images: GnuPG signatures

[tuxlifan]

Please provide GnuPG signatures for the firmware images available on the website or at least sha256sum / b2sum published on multiple websites (i.e. website and github -- same for key fingerprints).

[nthdimtech]

Check out the downloads section on the site now: https://www.nthdimtech.com/signet/downloads/

There are GPG signatures for all of the downloads and links to copies of the signatures and public signing key. Bugs like this belong on the nthdimtech-site repository for future reference. Let me know if you are able to verify things with the information given.

[tuxlifan]

My findings: The public keys offered on both then thdimtech.com website and the github nthdimtech-site match for me. fingerprint: D475 81AE 98C1 7249 9153 87BE 0E47 D2FA 6E50 979D Moreover, the signature for the firmware, downloaded from the website, matches (apart from the firmware available on the website) also the firmware that I was able to compile from the github repository. The Linux binary and desktop-client tarball for 0.9.9 from the website also have good signatures for me.

Thank you :)

PS: As an additional measure you could maybe also mention the fingerprint on https://www.nthdimtech.com/signet/downloads/ so that it can be picked up by search engines, web archives, etc. to make the key verification even more diverse and "out of your control"?

[nthdimtech]

PS: As an additional measure you could maybe also mention the fingerprint on https://www.nthdimtech.com/signet/downloads/ so that it can be picked up by search engines, web archives, etc. to make the key verification even more diverse and "out of your control"?

Good idea. It's done