On Donnerstag, 26. Mai 2022 10:35:18 CEST bvea--- via Gnupg-users wrote: > I've imported the key specified on > the website and have verified the gpg source and all of the dependencies > except for npth1.6. When I try to verify npth, the output is > > gpg: Signature made Mon 16 Jul 2018 12:37:23 AM PDT > gpg: using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 > gpg: Can't check signature: No public key > > Looking around on the internet I can find some indication that this is an > old key belonging to Werner Koch that expired in 2019, but I would like to > be able to properly verify npth before building it. Can anyone advise on > how best to proceed?
https://gnupg.org/download/integrity_check.html points to https://gnupg.org/signature_key.html At the end of this page you can download "a public key block with expired keys used to sign older releases". It contains 5 keys including Werner's key that expired in 2019 (and not just the 2 former signature keys that are confusingly mentioned on the page). Regards, Ingo
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org https://lists.gnupg.org/mailman/listinfo/gnupg-users
