GNUPG public key

Charly Avital shavital@netbox.com
Fri Nov 29 10:36:02 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 10:29 PM -0700 11/28/02, engage wrote:
>I just downloaded idea.c.gz and the detached signature file. But, I couldn;t 
>verify the signature even though I have imported the GnuPG public key from 
>www.gnupg.org. So, has the key on their web site been replaced by some hacker?
>
>

Hi,


following is copy/paste of Terminal, showing download of idea.c.gz, sig, and verification results (signed by Werner Koch, key ID 621CC013):
===============
[...]% curl -O http://www.gnupg.dk/contrib-dk/idea.c.gz
[...]
[...]% curl -O http://www.gnupg.dk/contrib-dk/idea.c.gz.sig
[...]
[...]% gpg --verify idea.c.gz.sig

gpg: Signature made Mon Aug  5 12:21:54 2002 IDT using DSA key ID 621CC013
gpg: Good signature from "Werner Koch <wk@g10code.com>"
gpg:                 aka "Werner Koch <wk@gnupg.org>"
gpg:                 aka "Werner Koch <werner.koch@guug.de>"
===============
Charly
MacGPG 1.2.1

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (Darwin)
Comment: GnuPG for Privacy

iD8DBQE95zUt8SG5rMkbCF4RAgtVAJ9wK6LXkjAzqKQREqg/NqJF6NWj4ACfVxlD
tb5J/hDdZqXQHej6zH7jPjs=
=MIz2
-----END PGP SIGNATURE-----