Re: Apt-get package verification
On Saturday 10 February 2001 12:54, Carel Fellinger wrote:
> On Sat, Feb 10, 2001 at 06:11:01PM +0100, marcoghidinelli wrote:
> > for the debian-developer keys:
> > apt-get install debian-keyring
> I've done this some time ago, but now I get:
> [-- PGP output follows (current time: Sat Feb 10 19:40:06 2001) --]
> gpg: Signature made Sat 10 Feb 2001 06:11:01 PM CET using DSA key ID
> EBF15399 gpg: Good signature from "Marco Ghidinelli
> <firstname.lastname@example.org>" gpg: WARNING: This key is not certified with a
> trusted signature! gpg: There is no indication that the
> signature belongs to the owner. gpg: Fingerprint: 1C34 97F7 1837 D525
> 7E3F C883 B572 DF1A EBF1 5399 [-- End of PGP output --]
I have the same problem with Martin Schulze's sigs. I've retrieved the
debian keyring from the website and from my CD, I've manually
retrieved his key from public keyservers and from the debian website
All the fingerprints match. I've signed his key on my keyring. I even
tried giving it full trust. His sigs are still flagged as bad here.
What have I missed?
Bud Rogers <email@example.com> http://www.sirinet.net/~budr/zamm.html
All things in moderation. And not too much moderation either.