GnuPG 2.2.36 released

[Ingo Klöcker]

On Freitag, 8. Juli 2022 22:55:07 CEST Konstantin Ryabitsev via Gnupg-users 
wrote:
> I'm trying to verify swdb.lst.sig, but I can't:
> 
> $ gpg --verify swdb.lst.sig
> gpg: assuming signed data in 'swdb.lst'
> gpg: Signature made Wed 06 Jul 2022 02:26:07 PM EDT
> gpg:                using ECDSA key 02F38DFF731FF97CB039A1DA549E695E905BA208
> gpg: Can't check signature: No public key
> 
> That key doesn't appear to be provided via
> https://gnupg.org/signature_key.asc.

Yes, it is.

```
$ curl https://gnupg.org/signature_key.asc | gpg --import
[...]
gpg: key 549E695E905BA208: 1 signature not checked due to a missing key
gpg: key 549E695E905BA208: public key "GnuPG.com (Release Signing Key 2021)" 
imported
gpg: Total number processed: 4
gpg:               imported: 4

$ gpg -k 02F38DFF731FF97CB039A1DA549E695E905BA208
pub   brainpoolP256r1/549E695E905BA208 2021-10-15 [SC] [expires: 2029-12-31]
      02F38DFF731FF97CB039A1DA549E695E905BA208
uid                 [ unknown] GnuPG.com (Release Signing Key 2021)
```

See https://dev.gnupg.org/T5949#159890 for why it doesn't work for you.

Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220708/a0c27df0/attachment.sig>