* DSA key
@ 2010-06-22 0:07 Gaston Fiore
2010-06-22 0:16 ` J.H.
0 siblings, 1 reply; 2+ messages in thread
From: Gaston Fiore @ 2010-06-22 0:07 UTC (permalink / raw)
To: git
Hello,
I'm trying to verify the download of Git and I get the following:
gbrain:Downloads gafiore$ gpg --verify git-1.7.1.tar.bz2.sign
gpg: Signature made Fri Apr 23 22:49:17 2010 EDT using DSA key ID 517D0F0E
gpg: Can't check signature: public key not found
How do I know whether I should trust the downloaded file?
Thanks,
-Gaston
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: DSA key
2010-06-22 0:07 DSA key Gaston Fiore
@ 2010-06-22 0:16 ` J.H.
0 siblings, 0 replies; 2+ messages in thread
From: J.H. @ 2010-06-22 0:16 UTC (permalink / raw)
To: Gaston Fiore; +Cc: git
Gaston,
You might want to try:
gpg --recv-keys 517D0F0E
or read the following information on gpg signatures from kernel.org:
http://www.kernel.org/signature.html
- John 'Warthog9' Hawley
On 06/21/2010 05:07 PM, Gaston Fiore wrote:
> Hello,
>
> I'm trying to verify the download of Git and I get the following:
>
> gbrain:Downloads gafiore$ gpg --verify git-1.7.1.tar.bz2.sign
> gpg: Signature made Fri Apr 23 22:49:17 2010 EDT using DSA key ID 517D0F0E
> gpg: Can't check signature: public key not found
>
> How do I know whether I should trust the downloaded file?
>
> Thanks,
>
> -Gaston
>
> --
> To unsubscribe from this list: send the line "unsubscribe git" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-06-22 0:56 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2010-06-22 0:07 DSA key Gaston Fiore
2010-06-22 0:16 ` J.H.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).