On Thu, Nov 29, 2012 at 10:14:40AM -0800, Ed Flecko wrote: > gpg --verify postfix-2.9.4.tar.gz.sig postfix-2.9.4.tar.gz > gpg: no valid OpenPGP data found.
There is nothing to be verified in the specified file. > gpg: the signature could not be verified. > Please remember that the signature file (.sig or .asc) > should be the first file given on the command line. | $ gpg --verify postfix-2.9.4.tar.gz.sig postfix-2.9.4.tar.gz | gpg: Signature made Do 02 Aug 2012 00:14:44 CEST using RSA key ID C12BCD99 | gpg: WARNING: digest algorithm MD5 is deprecated | gpg: please see http://www.gnupg.org/faq/weak-digest-algos.html for more information | gpg: Good signature from "Wietse Venema <wie...@porcupine.org>" | gpg: WARNING: This key is not certified with a trusted signature! | gpg: There is no indication that the signature belongs to the owner. | Primary key fingerprint: FF 96 4A 8C 96 88 7C 6E A4 EF AD BF 48 34 E1 BB > What am I doing wrong??? Something mangled your download I suspect. Bastian -- Is truth not truth for all? -- Natira, "For the World is Hollow and I have Touched the Sky", stardate 5476.4.
