new version of gnupg signed with different key?

Joerg Schmitz-Linneweber joerg at
Fri Feb 17 13:12:30 CET 2006


Am Donnerstag, 16. Februar 2006 22:11 schrieb Anonymous Remailer:
> gnupg-1.4.2.tar.bz2.sig was signed with key 0x57548DCD
> but
> gnupg- is signed with 0x1CE0C630, which is not in
> turned signed with the old key.  Why?  How do we verify it's
> trustworthy?
Werner? What happend? I saw it's tagged as a "(dist sig) <dd9jn at ...>" but why 
did you changed your policy? [Are you on ham radio btw. :-) ?]

I did a short review on the diff from 1.4.2 and it seems there are only the 
changes regarding the mentioned vuln. and I think Werner ( switched 
from CVS to Subversion.... :-) Right?

Salut, Joerg

gpg/pgp key # 0xd7fa4512
fingerprint 4e89 6967 9cb2 f548 a806  7e8b fcf4 2053 d7fa 4512
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20060217/b3b839b8/attachment.pgp

More information about the Gnupg-users mailing list