|
| From: | Bernard Leak |
| Subject: | [Libunwind-devel] I seem to be missing something - how do I verify your signing keys? |
| Date: | Sun, 25 Nov 2012 16:16:59 +0000 |
| User-agent: | Mozilla/5.0 (X11; Linux i686; rv:14.0) Gecko/20120713 Thunderbird/14.0 |
Dear List,*ahem*. Release tarballs of libunwind have in the past been signed
"using DSA key ID 2C494A60" The 1.1 release has been signed "using RSA key ID 914F3F48"Nice to know. However, these keys seem to be unknown to the usual run of key-servers, there is no document in the Savannah download directory which looks as though it will contain such a key, the "people.html" document only lists e-mail addresses for two people (David Mosberger, and Jose Flavio Aguilar Paulino) with no accompanying info. Web-searching for 914F3F48 threw up only one very false-looking positive associated with telephone numbers in Coventry, and 2C494A60 threw up two instances of an
irrelevant match and something impressively irrelevant in Latvian.Apologies if I've missed something obvious somewhere, but I think I've tried hard enough at this point. Is anybody expected to verify these signatures, or are we supposed to be impressed that *somebody* has signed them and take that as good enough?
Bernard Leak.
| [Prev in Thread] | Current Thread | [Next in Thread] |