On Thu, Nov 29, 2012 at 04:02:45PM -0500, Wietse Venema wrote:
> Bastian Blank:
> > Much worse, it is a PGPv3 RSA key. Such keys are not longer safe for use
> You're mistaken. It's from PGP5.
Maybe it was generated with PGP 5. This piece of software supports both
formats. The easiest to see clue i
Bastian Blank:
> On Thu, Nov 29, 2012 at 01:26:34PM -0500, Wietse Venema wrote:
> > It's an RSA key.
> > Type Bits KeyID CreatedExpiresAlgorithm Use
> > sec+ 2048 0xC12BCD99 2005-02-28 -- RSA Sign & Encrypt
> > uid Wietse Venema
>
> Much worse, it is a PGP
Solved! It WAS a bad download. I downloaded both the tarball and the
.sig file and got the following:
gpg: Signature made Wed Aug 1 15:14:44 2012 PDT using RSA key ID C12BCD99
gpg: Good signature from "Wietse Venema "
gpg: WARNING: This key is not certified with a trusted signature!
gpg:
On Thu, Nov 29, 2012 at 01:26:34PM -0500, Wietse Venema wrote:
> It's an RSA key.
> Type Bits KeyID CreatedExpiresAlgorithm Use
> sec+ 2048 0xC12BCD99 2005-02-28 -- RSA Sign & Encrypt
> uid Wietse Venema
Much worse, it is a PGPv3 RSA key. Such keys are not
Will,
I *think* I have the key added to my keyring - isn't that what the:
gpg --import wietse.pgp
does???
Ed
On Thu, Nov 29, 2012 at 10:14:40AM -0800, Ed Flecko wrote:
> gpg --verify postfix-2.9.4.tar.gz.sig postfix-2.9.4.tar.gz
> gpg: no valid OpenPGP data found.
There is nothing to be verified in the specified file.
> gpg: the signature could not be verified.
> Please remember that the signature file
On Thu, Nov 29, 2012 at 01:26:34PM -0500, Wietse Venema wrote:
> Ed Flecko:
> > gpg --verify postfix-2.9.4.tar.gz.sig postfix-2.9.4.tar.gz
> > gpg: no valid OpenPGP data found.
>
> It's an RSA key.
On Thu, Nov 29, 2012 at 10:35:38AM -0800, Ed Flecko wrote:
>
> So, I guess, gnupg won't verify an
Ed Flecko:
> O.K., thank you.
>
> So, I guess, gnupg won't verify an RSA key?
>
> Perhaps FreeBSD needs a different program other than gnupg or pgp to
> verify this type of signature? How do most people verify the package
> signature?
Below is my result on FreeBSD 8.
Wietse
% gpg --ver
O.K., thank you.
So, I guess, gnupg won't verify an RSA key?
Perhaps FreeBSD needs a different program other than gnupg or pgp to
verify this type of signature? How do most people verify the package
signature?
Ed
Ed Flecko:
> gpg --verify postfix-2.9.4.tar.gz.sig postfix-2.9.4.tar.gz
> gpg: no valid OpenPGP data found.
It's an RSA key.
Type Bits KeyID CreatedExpiresAlgorithm Use
sec+ 2048 0xC12BCD99 2005-02-28 -- RSA Sign & Encrypt
uid Wietse Venema
Wiets
10 matches
Mail list logo
