On 03.10.2016 10:33, Red wrote: > There is a signature file for "qemu-2.7.0.tar.bz2" on the downloads > page, but no pubkey to verify with. Do you know something I don't?
AFAIK the packages are signed by Michael Roth who is doing the releases. You can find his key on the usual key servers, e.g.: http://pgp.mit.edu/pks/lookup?search=0x3353C9CEF108B584 Thomas
signature.asc
Description: OpenPGP digital signature
