[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: For beginners: Fixing the error "gpg: Can't check signature: No publ
From: |
Eduardo Ochs |
Subject: |
Re: For beginners: Fixing the error "gpg: Can't check signature: No public key" (2024) |
Date: |
Thu, 1 Aug 2024 11:47:05 -0300 |
On Thu, 1 Aug 2024 at 10:16, Esteban Ordóñez <quiliro@riseup.net> wrote:
>
> El 2024-07-30 22:21, Eduardo Ochs escribió:
> > Another page for beginners:
> >
> > http://anggtwu.net/2024-no-public-key.html
>
> Hi Edwardo. Thank you for your post.
>
> Basically, those commands avoid enforcing the signature, then updating
> the signature, then enforcing the signature back and install the
> packages required. Doesn't that void the security of the process by
> making keys verifiable and expirable?
Hi Esteban/Quiliro,
the elisp block in
http://anggtwu.net/2024-no-public-key.html
contains this "See:",
;; See:
;; https://mail.gnu.org/archive/html/help-gnu-emacs/2024-05/msg00248.html
and one of the messages in that thread points to this:
https://elpa.gnu.org/packages/gnu-elpa-keyring-update.html
That package was written by Stefan Monnier. That fix looks good enough
to me, but I'm not a specialist in security. Stefan is very active in
the help-gnu-emacs mailing list... I think that you should ask there.
Cheers,
Eduardo