Hi there, when trying this:
gpg --verify gnupg-2.3.4.tar.bz2.sig gnupg-2.3.4.tar.bz2 I get that: gpg: Signature made Mo 20 Dez 2021 22:52:45 CET gpg: using EDDSA key 6DAA6E64A76D2840571B4902528897B826403ADA gpg: Good signature from "Werner Koch (dist signing 2020)" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 6DAA 6E64 A76D 2840 571B 4902 5288 97B8 2640 3ADA gpg: Signature made Di 21 Dez 2021 07:20:39 CET gpg: using EDDSA key AC8E115BF73E2D8D47FA9908E98E9B2D19C6C8BD gpg: Can't check signature: No public key First gpg says, good signature, then it says "no public key"? Has the tarball been signed with two keys? Verification was tried using gpg 2.3.1 Thanks! _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users