[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #23510] gpg signing subkey for release 4.4.0 not cross-certified

From: cfr
Subject: [bug #23510] gpg signing subkey for release 4.4.0 not cross-certified
Date: Sat, 07 Jun 2008 14:57:08 +0000
User-agent: Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv: Gecko/20080404 Firefox/

Follow-up Comment #4, bug #23510 (project findutils):

Would you accept alternate verification of this release, such as a gpg signed
email asserting the SHA1 sum of the primary tarball, using a newer key to sign
the mail?

That would be fine with me as long as I can verify the signature.

It's possible (albeit a bit more difficult) to update the .sig on the FTP
site; do we need to look into taking the action of posting a replacement .sig
with a newer key?

As far as I'm concerned, no. The alternative method sounds fine.

I would wait for the next release but I've been trying to help a user in a
support forum and that user has tried updating to the current version of
findutils because we thought that would solve the problem. If I can update,
too, it would help us narrow the problem down.

Thanks for your help.


Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]