npth1.6 integrity check issue
Ingo Klöcker
kloecker at kde.org
Thu May 26 17:15:06 CEST 2022
On Donnerstag, 26. Mai 2022 10:35:18 CEST bvea--- via Gnupg-users wrote:
> I've imported the key specified on
> the website and have verified the gpg source and all of the dependencies
> except for npth1.6. When I try to verify npth, the output is
>
> gpg: Signature made Mon 16 Jul 2018 12:37:23 AM PDT
> gpg: using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
> gpg: Can't check signature: No public key
>
> Looking around on the internet I can find some indication that this is an
> old key belonging to Werner Koch that expired in 2019, but I would like to
> be able to properly verify npth before building it. Can anyone advise on
> how best to proceed?
https://gnupg.org/download/integrity_check.html
points to
https://gnupg.org/signature_key.html
At the end of this page you can download "a public key block with expired keys
used to sign older releases". It contains 5 keys including Werner's key that
expired in 2019 (and not just the 2 former signature keys that are confusingly
mentioned on the page).
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20220526/a7787971/attachment-0001.sig>
More information about the Gnupg-users
mailing list