npth1.6 integrity check issue

bvea at tutanota.com bvea at tutanota.com
Thu May 26 10:35:18 CEST 2022


Hello,

I'm building gpg and its dependencies from source, using dependencies downloaded from the gnupg.org downloads page https://gnupg.org/download/index.html. I've imported the key specified on the website and have verified the gpg source and all of the dependencies except for npth1.6. When I try to verify npth, the output is

gpg: Signature made Mon 16 Jul 2018 12:37:23 AM PDT
gpg:                using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
gpg: Can't check signature: No public key

Looking around on the internet I can find some indication that this is an old key belonging to Werner Koch that expired in 2019, but I would like to be able to properly verify npth before building it. Can anyone advise on how best to proceed? 

Many thanks.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220526/ffed8a2b/attachment.html>


More information about the Gnupg-users mailing list