Message: 2
Date: Sat, 27 Jul 2019 08:35:46 -0400
From: Ian Kelling <address@hidden>
To: Habs <address@hidden>
Cc: address@hidden
Subject: Re: [Bug-gnuzilla] gpg public signatures eq. Icecat/Ruben
(fwd)
Message-ID: <address@hidden>
Content-Type: text/plain
Habs <address@hidden> writes:
Hello list - sending this again please...
Where can 'we' find up-to-date public signature files for checking
software please ? e.g. Ruben's key for icecat. Then, how can we ensure
they are not tampered with fingerprints etc ?
I'm asking because I came across some old sigs... and the only link I
could find was on Savannah 'download the keyring' and some on there did
not match others I came across elsewhere.
Looking forward to some help with the above. Thank you. Habs
https://ftp.gnu.org/gnu/gnu-keyring.gpg
and in ruben's case, you can also verify by checking
https://www.fsf.org/about/staff-and-board
which has his key fingerprint and links to
https://static.fsf.org/nosvn/fsf-keyring.gpg
He did change to a new key this year and other people have asked similar
questions.
--
Ian Kelling | Senior Systems Administrator, Free Software Foundation
GPG Key: B125 F60B 7B28 7FF6 A2B7 DF8F 170A F0E2 9542 95DF
https://fsf.org | https://gnu.org