nPth signature
Ming Kuang
ming at imkuang.com
Sat Aug 12 08:09:26 CEST 2023
On 2023-08-12 10:45, Daniel Rostovtsev via Gnupg-users wrote:
> Hi gnupg-users,
>
> I think that nPth is might be signed with an expired signature.
> Is this a problem?
>
> Thanks!
>
> P.S.
> I downloaded from https://gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2 and https://gnupg.org/ftp/gcrypt/npth/npth-1.6.tar.bz2.sig
> This is what I see when I run
>
>> gpg ---verify npth-1.6.tar.bz2.sig
>
> When I run with a trusted gpg.
>
> gpg: assuming signed data in 'npth-1.6.tar.bz2'
> gpg: Signature made Mon Jul 16 07:37:23 2018 UTC
> gpg: using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6
> gpg: Good signature from "Werner Koch (dist sig)" [expired]
> gpg: Note: This key has expired!
> Primary key fingerprint: D869 2123 C406 5DEA 5E0F 3AB5 249B 39D2 4F25 E3B6
Here's a note about these old expired keys: https://www.gnupg.org/signature_key.html
The key with fingerprint 4F25 E3B6 is not listed on that page, but I checked that it is indeed
included in that old public key block: https://gnupg.org/devel/old-signature-keys.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 834 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-users/attachments/20230812/a3cfb388/attachment.sig>
More information about the Gnupg-users
mailing list