BAD signatures for GnuPG Stable
Robert J. Hansen
rjh at sixdemonbag.org
Thu Jan 28 06:56:31 CET 2016
> Could this be some kind of man-in-the-middle attack? I don't recall
> having seen a signature fail like this before.
MitM is theoretically possible, but unlikely: an attacker would have to
be both technically sophisticated and profoundly stupid. It's far more
likely there's an innocuous explanation.
The MD5 and SHA256 digests of it are:
I just downloaded it and was able to verify Werner's signature.
More information about the Gnupg-users