Why are sarge-ISO's not signed with the ftpmaster-key???

To: debian-user@lists.debian.org
Subject: Why are sarge-ISO's not signed with the ftpmaster-key???
From: m.shukov@gmx.net
Date: Mon, 21 Aug 2006 10:45:56 +0200
Message-id: <[🔎] 20060821084556.132720@gmx.net>

My question is, why sarge-ISO's are not signed with the ftpmaster-key.
I want to download a Sarge DVD and verify the Signature of the
MD5SUM-File to see if it's not manipulated an I can check the md5-Sums
with it later.

gpg tells me, that the signature can not be verified, because I don't
have the public key on my keyring. I expected that the ISO's (the
MD5SUM-Files) are signed with the ftpmaster-Key, which is on my
keyring.
If I tell gpg to get the key from the keyserver, it tells me that the Key is not found. After investigating a while in the net I found out, that the key belongs to Steve McIntyre (steve@einval.com), sombody I never heard of. That's shure because I don't konow the debian Project very well. But I don't think it's a very sensfull way to sign the most important downloads with a key only debian-insiders know. Why isn't the ftpmaster key used?



-- 


Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen!
Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer

Reply to:

Follow-Ups:
- Re: Why are sarge-ISO's not signed with the ftpmaster-key???
  - From: Jon Dowland <lists@alcopop.org>
- Re: Why are sarge-ISO's not signed with the ftpmaster-key???
  - From: Joseph Le-Phan <five0.oss@gmail.com>

Prev by Date: Re: X.org killed my ATI TV
Next by Date: Re: Debian-Etch Update 08/19/2006 - AA/Font issues?
Previous by thread: list of amd64 motherboards fully supported by sarge or Etch
Next by thread: Re: Why are sarge-ISO's not signed with the ftpmaster-key???
Index(es):
- Date
- Thread