This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: binutils-2.30.tar.xz.sig uses unpublished key
Works now, after re-downloading from https://ftp.gnu.org/gnu/binutils/
gpg2 --verify binutils-2.30.tar.xz.sig binutils-2.30.tar.xz
gpg: Signature made Sun 28 Jan 2018 11:26:48 PM +07
gpg: using RSA key 13FCEF89DD9E3C4F
gpg: Good signature from "Nick Clifton (Chief Binutils Maintainer)
<nickc@redhat.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3A24 BC1E 8FB4 09FA 9F14 3718 13FC EF89 DD9E 3C4F
Thanks!
On 1/28/18, Nick Clifton <nickc@redhat.com> wrote:
> Hi Somchai,
>
>> binutils-2.30.tar.xz.sig uses a key that is not on any public
>> keyservers I could find
>
> Yes this was my mistake. (I knew that this release was going too easily).
>
> I created signatures using my internal gpg key, not my external one. Doh.
>
> The signatures have now been updated. Please try again.
>
> Cheers
> Nick
>
> PS. You should be able to find my key on keys.gnupg.net.
>