Go to any public key server and get that key ID. However, before doing that, I'd first verify the checksum without using GnuPG. That process should also have been described on the download page.
-----Original Message----- From: Gnupg-users [mailto:gnupg-users-bounces+sbutler=fchn....@gnupg.org] On Behalf Of Simon Albrecht Sent: Monday, October 03, 2016 6:36 AM To: gnupg-users@gnupg.org Subject: What to do at failed integrity check? Hello everybody, I’m having a problem getting GnuPG set up: I downloaded the tarball and signature (for v2.0.30), then did the integrity check as described on <https://www.gnupg.org/download/integrity_check.html> using the packaged version of GnuPG (1.4.something), and it failed with this message: gpg: Signature made Do 31 Mär 2016 12:56:02 CEST using RSA key ID 4F25E3B6 gpg: Can't check signature: public key not found I already tried getting the files from a mirror – same thing. Now, the instructions on the linked webpage only say ‘the file should be treated suspiciously’. But what can I do now? Just use it anyway and hope it’s not a real problem? Best regards, Simon Albrecht _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users -- CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users