Hi, Can someone 'official' please verify the GPG key used for signing files?
gpg --verify clamwin-0.99-setup.exe.asc clamwin-0.99-setup.exe
gpg: Signature made 01/17/16 14:36:59 AUS Eastern Daylight Time using
DSA key ID 8CC6DDB4
gpg: Good signature from "ClamWin Free Antivirus Software Distribution
(For signing ClamWin Free Antivirus source code and binaries)
<clam...@clamwin.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
owner.
Primary key fingerprint: DF56 551A 55CD E5A6 DEC6 1847 0839 CC71 8CC6 DDB4
gpg --list-sigs --keyid-format long --fingerprint --fingerprint clamwin
pub 1024D/0839CC718CC6DDB4 2005-06-09
Key fingerprint = DF56 551A 55CD E5A6 DEC6 1847 0839 CC71 8CC6 DDB4
uid [ unknown] ClamWin Free Antivirus Software
Distribution (For signing ClamWin Free Antivirus source code and
binaries) <clam...@clamwin.com>
sig 3 0839CC718CC6DDB4 2005-06-09 ClamWin Free Antivirus
Software Distribution (For signing ClamWin Free Antivirus source code
and binaries) <clam...@clamwin.com>
sub 2048g/98E5FBFAE4BADE44 2005-06-09
Key fingerprint = 272E 7BE7 8A8C 513D 1E3A C9CF 98E5 FBFA E4BA DE44
sig 0839CC718CC6DDB4 2005-06-09 ClamWin Free Antivirus
Software Distribution (For signing ClamWin Free Antivirus source code
and binaries) <clam...@clamwin.com>
Also, is it feasible to get the Windows EXE files signed with a suitable
digital certificate so as to be a double check?
And.... 1024 bit keys are very small, perhaps you need to do an update.
Kind Regards
AndrewM
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Help us build a comprehensive ClamAV guide: https://github.com/vrtadmin/clamav-faq http://www.clamav.net/contact.html#ml
