Request for better instructions on verifying IDEA source signatures
smu johnson
smujohnson at gmail.com
Sat Aug 14 01:48:31 CEST 2010
Hi,
I've been experimenting with the IDEA cipher 3rd party plugin files, and I
keep reading about how I should verify their signatures.
Unfortunately, the help provided by the GnuPG page for that is useless.
Sure, I get the .sig files, but nowhere, not even on the FTP site itself can
I find the public keys to verify the signature.
I started surfing around the GnuPG pages and read that I could find a
communal verifying key in the GnuPG\doc directory, but I don't see anything
in my Mingw32 installation. And the key provided in armored ascii format
does not match the signature. Great!
My argument: I think this is bad for getting people used to doing things
right, as actually doing the safe thing has become a wild-goose chase for
me. This by no-means encourages anyone to follow proper safety protocol if
the suggestion to verify the IDEA code is impossible or extremely difficult,
in this instance.
Thank you for reading.
--
smu johnson <smujohnson at gmail.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20100813/db862087/attachment.htm>
More information about the Gnupg-doc
mailing list