Unverifiable signatures of some downloads
Kris Kozminski
gnupg at kozminski.com
Sat Sep 3 20:15:06 CEST 2022
I downloaded stuff from https://gnupg.org/download/index.html and
signatures from https://gnupg.org/signature_key.asc
Checking the signatures produced those two failures:
npth-1.6.tar.bz2
gpg: Signature made Mon Jul 16 00:37:23 2018 PDT
gpg: using RSA key
D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
gpg: Can't check signature: No public key
gpa-0.10.0.tar.bz2
gpg: Signature made Tue Oct 16 14:46:51 2018 PDT
gpg: using RSA key
D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
gpg: Can't check signature: No public key
Web search seems to indicate that those are old signatures by Werner
Koch.
Maybe the above downloads should be re-signed with the current signature
or perhaps the old one could be added to the public key block?
KK
More information about the Gnupg-users
mailing list