Re: Keys for the DC18 Key Signing Party - Ready for printing!
On Wed, Jul 25, 2018 at 05:49:09AM +0200, Kurt Roeckx wrote:
> On Sat, Jul 21, 2018 at 03:49:14PM -0500, Gunnar Wolf wrote:
> > As we all finish packing our bags for Taiwan, several people have
> > asked me what about the KSP list we are supposed to
> > _print_at_home_. So, I took some time out of packing, and decided to
> > finalize the needed bits to have this in working order!
> >
> > So, we have the final v1.0 list for the DebConf18 Continuous Key
> > Signing Party! Please find it here:
> >
> > https://people.debian.org/~gwolf/ksp-dc18/ksp-dc18.txt
> >
> > If you want to ensure the file came from me, you can check the
> > clear-signed version:
> >
> > https://people.debian.org/~gwolf/ksp-dc18/ksp-dc18.txt.asc
>
> This file really isn't usable, it's not a detached signature. It
> can not be used to verify ksp-dc18.txt.
>
> When verifying it, you get:
> $ gpg --verify ksp-dc18.txt.asc
> gpg: Signature made Tue 24 Jul 2018 02:08:48 AM CEST
> gpg: using RSA key AB41C1C68AFD668CA045EBF8673A03E4C1DB921F
> gpg: Good signature from "Gunnar Eyal Wolf Iszaevich <gwolf@debian.org>" [full]
> gpg: aka "Gunnar Eyal Wolf Iszaevich <gwolf@gwolf.org>" [full]
> gpg: aka "Gunnar Eyal Wolf Iszaevich (Instituto de Investigaciones Económicas UNAM) <gwolf@iiec.unam.mx>" [full]
> gpg: WARNING: not a detached signature; file 'ksp-dc18.txt' was NOT verified!
>
> $ gpg --verify ksp-dc18.txt.asc ksp-dc18.txt
> gpg: not a detached signature
>
> We need to verify the ksp-dc18.txt file, that's the file we'll all
> compute the SHA256 for.
Download the .txt.sha256 and the .txt.sha256.asc and verify that;
and then check that SHA256 in there matches the file and the shared
SHA256.
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer i speak de, en
Reply to: