Robert Lopez:
> Wietse, No I did not! Now I have. Thanks.
>
> Is this sufficient to know all is ok:
>
> # gpg --verify postfix-2.10.0.tar.gz.sig postfix-2.10.0.tar.gz
> gpg: Signature made Mon 11 Feb 2013 09:19:00 AM MST using RSA key ID
> C12BCD99
> gpg: Good signature from "Wietse Venema <wie...@porcupine.org>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: FF 96 4A 8C 96 88 7C 6E A4 EF AD BF 48 34 E1 BB
That looks right, however email is not secure enough to authenticate
a PGP public key. Since the key has no other signature, yould have
to meet me in person. I don't seem to have a copy that was signed
by other people.
Wietse
