On 20/03/2013, at 11:53, Gene Leung <geneleung...@gmail.com> wrote: > It seems no one care about the public key. Then, why still put the signature > file there for download? Or any other way for verify the integrity of the > download.
The key is available from gpg.mit.edu [midget 9:53] ~ >gpg --recv-keys 9342BF08 gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/documentation/faqs.html for more information gpg: requesting key 9342BF08 from hkp server pgp.mit.edu gpg: key 9342BF08: public key "Jeroen van Meeuwen (kanarip) <kana...@kanarip.com>" imported gpg: 3 marginal(s) needed, 1 complete(s) needed, classic trust model gpg: depth: 0 valid: 1 signed: 3 trust: 0-, 0q, 0n, 0m, 0f, 1u gpg: depth: 1 valid: 3 signed: 0 trust: 0-, 0q, 0n, 3m, 0f, 0u gpg: Total number processed: 1 gpg: imported: 1 [midget 9:55] ~ >gpg --verify cyrus-imapd-2.4.17.tar.gz.sig cyrus-imapd-2.4.17.tar.gz gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/documentation/faqs.html for more information gpg: Signature made Sun 2 Dec 06:33:32 2012 CST using DSA key ID 9342BF08 gpg: Good signature from "Jeroen van Meeuwen (kanarip) <kana...@kanarip.com>" gpg: aka "Jeroen van Meeuwen (GMail) <kana...@gmail.com>" gpg: aka "Jeroen van Meeuwen (OGD) <j.van.meeu...@ogd.nl>" gpg: aka "Jeroen van Meeuwen (XS4All) <kana...@xs4all.nl>" gpg: aka "Jeroen van Meeuwen (GameDrome) <kana...@gamedrome.com>" gpg: aka "Jeroen van Meeuwen (PC Zone Clan) <kana...@pczone-clan.nl>" gpg: aka "Jeroen van Meeuwen (Fedora Unity) <kana...@fedoraunity.org>" gpg: aka "Jeroen van Meeuwen (Fedora Project) <kana...@fedoraproject.org>" gpg: aka "Jeroen van Meeuwen (Kolab Systems) (Kolab Systems AG) <vanmeeu...@kolabsys.com>" gpg: aka "Jeroen van Meeuwen (Ergo Project) (Ergo Project) <jeroen.van.meeu...@ergo-project.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: C6B0 7FB4 43E6 CDDA D258 F70B 28DE 9FDA 9342 BF08 -- Daniel O'Connor software and network engineer for Genesis Software - http://www.gsoft.com.au "The nice thing about standards is that there are so many of them to choose from." -- Andrew Tanenbaum GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
