[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#25572: Signatures on Emacs windows .zip files

From: Richard Kettlewell
Subject: bug#25572: Signatures on Emacs windows .zip files
Date: Sun, 29 Jan 2017 11:48:55 +0000
User-agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0


According to https://www.gnu.org/software/emacs/download.html:

    Since the 24.5 release, tarballs are signed with the GPG key from
    Nicolas Petton 7C207910, fingerprint 28D3 BED8 51FD F3AB 57FE
    F93C 2335 87A4 7C20 7910, which can be found in the GNU keyring.

However the windows .zip files on http://ftp.gnu.org/gnu/emacs are
signed with some other key:

$ gpg2 --verify emacs-25.1-2-x86_64-w64-mingw32.zip.sig
gpg: Signature made 11/29/16 19:54:09 GMT Standard Time using DSA key ID
gpg: Good signature from "Phillip Lord <address@hidden>"
gpg:                 aka "Phillip Lord <address@hidden>"
gpg:                 aka "Phillip Lord <address@hidden>"
gpg:                 aka "Phillip Lord <address@hidden>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the
Primary key fingerprint: 8352 2404 7598 ECBC 61A1  DA34 5FE9 658D 60C3 B396


reply via email to

[Prev in Thread] Current Thread [Next in Thread]