[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Duplicity-talk] verifying duplicity-0.7.06.tar.gz.sig

From: Kenneth Loafman
Subject: Re: [Duplicity-talk] verifying duplicity-0.7.06.tar.gz.sig
Date: Sat, 19 Dec 2015 06:33:50 -0600

Refreshed the keys on subkeys.pgp.net



On Sat, Dec 19, 2015 at 4:29 AM, Chris Berkhout <address@hidden> wrote:
I'm running into trouble verifying the signature of the latest duplicity release.

$ gpg -vv --verify duplicity-0.7.06.tar.gz.sig
# off=0 ctb=89 tag=2 hlen=3 plen=284
:signature packet: algo 1, keyid 330B3C2A96A9EA9C
        version 4, created 1449489878, md5len 0, sigclass 0x00
        digest algo 2, begin of digest 56 71
        hashed subpkt 2 len 4 (sig created 2015-12-07)
        subpkt 16 len 8 (issuer key ID 330B3C2A96A9EA9C)
        data: [2047 bits]
gpg: assuming signed data in 'duplicity-0.7.06.tar.gz'
gpg: Signature made Mon 07 Dec 2015 23:04:38 AEDT
gpg:                using RSA key 0x330B3C2A96A9EA9C
gpg: Can't check signature: No public key

So, I need the public key for key ID 0x330B3C2A96A9EA9C, but when I try to fetch it it's not found.

$ gpg -vv --recv-keys 330B3C2A96A9EA9C
gpg: keyserver receive failed: No data

Kenneth Loafman sent the release announcement, but none of the keys I find with that name match the one used in the signature.

Who signed it and how can I get their public key?


Duplicity-talk mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]