[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

checking gpg signatures

Hello all,

Well, this mail is not only for debian-newmaint-discuss but because of the lot's of gpg 
issues I think it's important to mail this message here.

I would like to tell you only that, how --list-sigs does NOT check anything. If you want to 
be sure that the key is signed you must use --check-sigs. I saw almost everyone using 
--list-sigs and it's very important to do not.

If you can do, please include this in the appropiate documentaion.

BTW, it would be good if the finger deamon at debian.org would use --check-sigs instead of --list-sigs.

Lenart, Janos

Attachment: pgptehJkmISNK.pgp
Description: PGP signature

Reply to: