BAD signatures for GnuPG Stable
Robert J. Hansen
rjh at sixdemonbag.org
Thu Jan 28 06:56:31 CET 2016
> Could this be some kind of man-in-the-middle attack? I don't recall
> having seen a signature fail like this before.
MitM is theoretically possible, but unlikely: an attacker would have to
be both technically sophisticated and profoundly stupid. It's far more
likely there's an innocuous explanation.
The MD5 and SHA256 digests of it are:
ab0b5aba6d0a185b41d07bda804fd8b2
b7dbdb3cad63a740e9f0c632a1da32d4afdb694ec86c8625c98ea0691713b84d
I just downloaded it and was able to verify Werner's signature.
More information about the Gnupg-users
mailing list