posts: Add warning about downloading tarballs with Firefox

Let's hope that bug is fixed in the next 10 years!
author: Wolfgang Müller 2021-05-07 14:37:25 +0200
committer: Wolfgang Müller 2021-05-07 14:37:25 +0200
commit: 3297e6fc573fc90881bb47d877ad9e3470e5f6b8 (patch)
tree: 6586487507cb984fe0542108a52dff2599620748
parent: 45a87090f1ab3ceada40430dccec9caab8af84f5 (diff)
download: site-3297e6fc573fc90881bb47d877ad9e3470e5f6b8.tar.gz
1 files changed, 6 insertions, 0 deletions
diff --git a/posts/verify-with-signify.md b/posts/verify-with-signify.md
index 039ac8c..d2061e2 100644
--- a/posts/verify-with-signify.md
+++ b/posts/verify-with-signify.md
@@ -11,6 +11,12 @@ downloaded files, I strongly recommend using it to also verify the
 _signature_.  A portable version of the tool is available
 [here](https://github.com/aperezdc/signify).
 
+**Note**: Firefox is
+[bugged](https://bugzilla.mozilla.org/show_bug.cgi?id=610679) when it comes to
+downloading content that is already compressed. Tarballs that were downloaded
+with Firefox will **fail** verification. Please make sure to use another
+browser or a tool like `curl` or `wget` to obtain the tarballs.
+
 ### Obtaining the signature and checksum
 
 Whether or not you decide to use `signify` to verify downloaded files, you need
author	Wolfgang Müller	2021-05-07 14:37:25 +0200
committer	Wolfgang Müller	2021-05-07 14:37:25 +0200
commit	3297e6fc573fc90881bb47d877ad9e3470e5f6b8 (patch)
tree	6586487507cb984fe0542108a52dff2599620748
parent	45a87090f1ab3ceada40430dccec9caab8af84f5 (diff)
download	site-3297e6fc573fc90881bb47d877ad9e3470e5f6b8.tar.gz