Signature debian CDs

To: debian-user@lists.debian.org
Subject: Signature debian CDs
From: Dan <ganchya@gmail.com>
Date: Mon, 21 Mar 2011 13:33:16 -0400
Message-id: <[🔎] AANLkTi=p1=SC+riVUvAe6NXB0MmRzaKsFRPK3Us+LDZZ@mail.gmail.com>

Hi,

I downloaded the netinst CD image for the installation of debian. I
have an Ubuntu computer where I checked the md5sum and the sha1sum. I
also tried to check the signature doing the following:
gpg --keyserver keyring.debian.org --recv-keys 6294BE9B
gpg --verify MD5SUMS.sign MD5SUMS

Is this the right procedure?

I get a warning:
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.

How does gpg check the authenticity of keyring.debian.org? Does it
check it through a master keyserver?

Thanks,
Dan

Reply to:

Follow-Ups:
- Re: Signature debian CDs
  - From: Andrei Popescu <andreimpopescu@gmail.com>

Prev by Date: Re: What happened to debian - does "stable" keep having any meaning?
Next by Date: Re: What happened to debian - does "stable" keep having any meaning?
Previous by thread: Re: X-windows copy/paste mess [SOLVED]
Next by thread: Re: Signature debian CDs
Index(es):
- Date
- Thread