MacOSX help - beginner installation, first time
Jonathan Cross
jcross at gmail.com
Tue May 26 02:26:38 CEST 2020
Hi Cyrus,
1. This is the SHA256 checksum I get for GnuPG-2.2.20.dmg:
39970099819616d4b66a4e471ce26db97384948d0f375e02aae9d9de1d69baa5
2. The signature (GnuPG-2.2.20.dmg.sig) checked out for me:
gpg: Signature made Sat Mar 21 12:42:46 2020 CET
gpg: using RSA key 4F9F89F5505AC1D1A260631CDB1187B9DD5F693B
gpg: Good signature from "Patrick Brunschwig <patrick at enigmail.net>" [full]
gpg: aka "Patrick Brunschwig <patrick at brunschwig.net>" [full]
gpg: aka "[jpeg image of size 13251]" [full]
Primary key fingerprint: 4F9F 89F5 505A C1D1 A260 631C DB11 87B9 DD5F 693B
Furthermore...
1. I have met Patrick Brunschwig in person, checked his government ID.
He also checked mine.
2. We both cross-signed each other's keys.
3. You can verify this by getting our pubkeys from pgpkeys.urown.net
4. You can check the OpenPGP signature on this email to verify my key is:
9386 A2FB 2DA9 D0D3 1FAF 0818 C0C0 7613 2FFA 7695
Now, of course you don't know me, but you now have a bit more info to go on.
Maybe there's someone in this list below that you know / trust to check ID
and / or verify key fingerprints? My key:
https://pgpkeys.urown.net/pks/lookup?op=vindex&search=0xC0C076132FFA7695
Meeting people in person and verifying key fingerprints is of course best,
but not always a realistic option for every piece of software :-)
Good luck!
Jonathan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Message signed with OpenPGP
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20200526/869c0057/attachment.sig>
More information about the Gnupg-users
mailing list