On Sun, Oct 21, 2007 at 08:50:17AM -0700, P T said: > Hi, > I downloaded clam av from the clam av site. However when I check the > signature I get that basically it isn't a trusted signature. How am I > doing this wrong? > # to get the key > > gpg --keyserver random.sks.keyserver.penguin.de --recv-keys 985A444B > # to verifiy the clam file. > > gpg --verify clamav-0.91.2.tar.gz.sig > > gpg: Signature made Mon 20 Aug 2007 06:21:05 PM CDT using DSA key ID > > 985A444B > > gpg: Good signature from "Tomasz Kojm <[EMAIL PROTECTED]>" > > gpg: aka "Tomasz Kojm <[EMAIL PROTECTED]>" > > gpg: aka "Tomasz Kojm <[EMAIL PROTECTED]>" > > gpg: WARNING: This key is not certified with a trusted signature! > > gpg: There is no indication that the signature belongs to the > > owner. > > Primary key fingerprint: 0DCA 5A08 407D 5288 279D B434 5482 2DC8 985A 444B
That is expected output. It is a good signature, but there is no trust path (which means you haven't signed keys with Tomasz). -- -------------------------------------------------------------------------- | Stephen Gran | What the scientists have in their | | [EMAIL PROTECTED] | briefcases is terrifying. -- Nikita | | http://www.lobefin.net/~steve | Khruschev | --------------------------------------------------------------------------
signature.asc
Description: Digital signature
_______________________________________________ Help us build a comprehensive ClamAV guide: visit http://wiki.clamav.net http://lurker.clamav.net/list/clamav-users.html
