Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. GnuPG>
  3. users
Unverifiable signatures of some downloads
gnupg at kozminski
Sep 3, 2022, 11:15 AM
Post #1 of 2 (181 views)
Permalink
I downloaded stuff from https://gnupg.org/download/index.html and
signatures from https://gnupg.org/signature_key.asc

Checking the signatures produced those two failures:

npth-1.6.tar.bz2
gpg: Signature made Mon Jul 16 00:37:23 2018 PDT
gpg: using RSA key
D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
gpg: Can't check signature: No public key

gpa-0.10.0.tar.bz2
gpg: Signature made Tue Oct 16 14:46:51 2018 PDT
gpg: using RSA key
D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
gpg: Can't check signature: No public key

Web search seems to indicate that those are old signatures by Werner
Koch.

Maybe the above downloads should be re-signed with the current signature
or perhaps the old one could be added to the public key block?

KK



_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-users
Re: Unverifiable signatures of some downloads [ In reply to ]
kloecker at kde
Sep 3, 2022, 2:08 PM
Post #2 of 2 (181 views)
Permalink
On Samstag, 3. September 2022 20:15:06 CEST Kris Kozminski wrote:
> I downloaded stuff from https://gnupg.org/download/index.html and
> signatures from https://gnupg.org/signature_key.asc

You can find a link to older keys at the end of
https://gnupg.org/signature_key.html

Regards,
Ingo

Attached Files:

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal