question regarding verification of a debian installation iso

To: debian-security@lists.debian.org
Subject: question regarding verification of a debian installation iso
From: Naja Melan <najamelan@gmail.com>
Date: Sun, 2 Jan 2011 18:56:06 +0100
Message-id: <[🔎] AANLkTinAq9XQe5YGwZYS-_fqKK2+cH0Tg87xkkufFst=@mail.gmail.com>

hi,

Im trying to verify that the debian iso I downloaded has not been tampered with by following the following faq entry:

http://www.debian.org/CD/faq/#verify

There are some things I don't understand yet. I have gotten as far as downloading the checksum files, the iso and the signatures of the checksum files. Now to verify the checksums I need the public key of the keypair used to sign the checksum files. Im using gpa and downloaded that public key. So far, all that has happened is that my problem has been pushed down the line, because now I have a public key in my keyring that came over the internet and I have no idea on how to verify that one.

Could someone please tell me how I could do that? ( Assuming that all the people that signed that key are not at hand here at my home, and so I could not receive their public keys personally.)

Thanks in advance.
naja melan

Reply to:

Follow-Ups:
- Re: question regarding verification of a debian installation iso
  - From: Kurt Roeckx <kurt@roeckx.be>
- Re: question regarding verification of a debian installation iso
  - From: Arthur de Jong <adejong@debian.org>

Prev by Date: Re: [SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities
Next by Date: Re: question regarding verification of a debian installation iso
Previous by thread: Re: [SECURITY] [DSA 2139-1] New phpmyadmin packages fix several vulnerabilities
Next by thread: Re: question regarding verification of a debian installation iso
Index(es):
- Date
- Thread