question regarding verification of a debian installation iso
Im trying to verify that the debian iso I downloaded has not been tampered with by following the following faq entry:
There are some things I don't understand yet. I have gotten as far as downloading the checksum files, the iso and the signatures of the checksum files. Now to verify the checksums I need the public key of the keypair used to sign the checksum files. Im using gpa and downloaded that public key. So far, all that has happened is that my problem has been pushed down the line, because now I have a public key in my keyring that came over the internet and I have no idea on how to verify that one.
Could someone please tell me how I could do that? ( Assuming that all the people that signed that key are not at hand here at my home, and so I could not receive their public keys personally.)
Thanks in advance.