CD verification key question
Dear Sir or Madam,
I was trying to verify my Debian download following these instructions:
and found the second part of the instructions (below) unclear:
"To ensure that the checksums files themselves are correct, use GnuPG to verify them against the accompanying signature files (e.g. MD5SSUMS.sign). The keys used for these signatures are all in the Debian GPG keyring and the best way to check them is to use that keyring to validate via the web of trust"
My understanding of the above is that I need keys to decipher the X.sign file
so that I can compare it with the checksum file. Don't I need a KeyID to
get the proper key? Where/how do I get it?