[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

The "CD signing key" (6294BE9B)

I found three posts on this back in January,


but the documentation still says nothing about why the "CD signing
key" should be different from the archive key and why the CD signing
key was never announced, etc.

I did go to the trouble of pulling the signatures and checksums off of
three different more-or-less randomly chosen mirrors, to check they
were the same, but I'd still feel a little more comfortable taking my
first spin with Debian if there were more evidence that the key that
the CDs are being signed with is officially claimed by the project.

Okay, I did a gpg --recv-keys on the key 6294BE9B from
keyring.debian.org , and tried gpg --verify on the downloaded netinst
image, and got the bad signature message. (I think I got the syntax

So, what gives, here? Anybody care to give me a clue?

Reply to: