++ 01/06/14 19:45 +0200 - frank ernest: > Hi again, I have been browsing and downloading gpg signed files and I'm > acctually been downloading the sigs! However, I'm having trouble figuring > out who signed what. Is there some way to determin this using the sig? > Perhaps it has the keys fingerpinnt in it or something. For obvious things > like the linux kernel source Linus himself signs it, but on an old ftp > server, serving old now dead projects, who signed what is not quite so > clear.
I presume this is clear? rejo@broop-kidron:~/Downloads$ gpg --verify TorBrowser-3.6.1-osx32_en-US.dmg.asc TorBrowser-3.6.1-osx32_en-US.dmg gpg: Signature made Wed May 7 01:36:52 2014 CEST gpg: using RSA key 0x416F061063FEE659 gpg: Good signature from "Erinn Clark <er...@torproject.org>" [full] gpg: aka "Erinn Clark <er...@debian.org>" [full] gpg: aka "Erinn Clark <er...@double-helix.org>" [full] So, this tells you the (valid) signature has been made with the key 0x416F061063FEE659. Does that answer your question? -- Rejo Zenger E r...@zenger.nl | P +31(0)639642738 | W https://rejo.zenger.nl T @rejozenger | J r...@zenger.nl OpenPGP 1FBF 7B37 6537 68B1 2532 A4CB 0994 0946 21DB EFD4 XMPP OTR 271A 9186 AFBC 8124 18CF 4BE2 E000 E708 F811 5ACF
pgpeKhLdAIN5M.pgp
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
