[SNIP]
If I manually verify ftp://ftp.debian.org/debian/dists/stable/Release
& Release.gpg I get the following:
blueboy:~# gpg --verify ./Release.gpg ./Release
gpg: Signature made Thu Nov 20 19:57:33 2003 CET using DSA key ID
38C6029A
gpg: Good signature from "Debian Archive Automatic Signing Key (2003)
<ftpmaster@debian.org>"
Could not find a valid trust path to the key. Let's see whether we
can assign some missing owner trust values.
No path leading to one of our keys found.
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
owner.
gpg: Fingerprint: EB2F A2AF 170D 2359 26A7 7BF3 B629 A24C 38C6 029A
gpg: Signature made Wed Dec 31 17:26:06 2003 CET using DSA key ID
30B34DD5
gpg: Can't check signature: public key not found
blueboy:~#
blueboy:~#
Reimporting the 'latest' (????) key I notice that the key IDs are
different
blueboy:~# gpg --import ./ziyi_key_2003.asc
gpg: key 38C6029A: public key imported
gpg: Total number processed: 1
gpg: imported: 1
blueboy:~#
So I guess I don't have an up to date ziyi public key.
Can anyone confirm this for me... and if I am correct, when can I find
the key with ID 30B34DD5?