Re: Keys for the DC18 Key Signing Party - Ready for printing!

To: Kurt Roeckx <kurt@roeckx.be>
Cc: debconf-discuss@lists.debian.org
Subject: Re: Keys for the DC18 Key Signing Party - Ready for printing!
From: Gunnar Wolf <gwolf@debian.org>
Date: Wed, 25 Jul 2018 01:14:30 -0500
Message-id: <[🔎] 20180725061430.ev2i4gkmrsqsgjep@gwolf.org>
In-reply-to: <[🔎] 20180725034908.GA25428@roeckx.be>
References: <20180721204914.pog2gzdfcwxzk5vx@gwolf.org> <[🔎] 20180725034908.GA25428@roeckx.be>

Kurt Roeckx dijo [Wed, Jul 25, 2018 at 05:49:09AM +0200]:
> This file really isn't usable, it's not a detached signature. It
> can not be used to verify ksp-dc18.txt. 
> 
> When verifying it, you get:
> $ gpg --verify ksp-dc18.txt.asc 
> gpg: Signature made Tue 24 Jul 2018 02:08:48 AM CEST
> gpg:                using RSA key AB41C1C68AFD668CA045EBF8673A03E4C1DB921F
> gpg: Good signature from "Gunnar Eyal Wolf Iszaevich <gwolf@debian.org>" [full]
> gpg:                 aka "Gunnar Eyal Wolf Iszaevich <gwolf@gwolf.org>" [full]
> gpg:                 aka "Gunnar Eyal Wolf Iszaevich (Instituto de Investigaciones Económicas UNAM) <gwolf@iiec.unam.mx>" [full]
> gpg: WARNING: not a detached signature; file 'ksp-dc18.txt' was NOT verified!
> 
> $ gpg --verify ksp-dc18.txt.asc ksp-dc18.txt
> gpg: not a detached signature
> 
> We need to verify the ksp-dc18.txt file, that's the file we'll all
> compute the SHA256 for.

Just adding to what Julian said:

$ GET https://people.debian.org/~gwolf/ksp-dc18/ksp-dc18.txt | sha256sum
7bc15a0bce48ebe990a650a88d6ab48264394a615cdc377805fda98e575bf189  -
$ GET https://people.debian.org/~gwolf/ksp-dc18/ksp-dc18.txt.asc | gpg -v | sha256sum
gpg: WARNING: no command supplied.  Trying to guess what you mean ...
gpg: armor header: Hash: SHA256
gpg: original file name=''
gpg: Signature made Tue 24 Jul 2018 08:08:48 AM CST
gpg:                using RSA key AB41C1C68AFD668CA045EBF8673A03E4C1DB921F
gpg: using pgp trust model
gpg: Good signature from "Gunnar Eyal Wolf Iszaevich <gwolf@debian.org>" [unknown]
gpg:                 aka "Gunnar Eyal Wolf Iszaevich <gwolf@gwolf.org>" [unknown]
gpg:                 aka "Gunnar Eyal Wolf Iszaevich (Instituto de Investigaciones Económicas UNAM) <gwolf@iiec.unam.mx>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: AB41 C1C6 8AFD 668C A045  EBF8 673A 03E4 C1DB 921F
gpg: textmode signature, digest algorithm SHA256, key algorithm rsa4096
7bc15a0bce48ebe990a650a88d6ab48264394a615cdc377805fda98e575bf189  -

Attachment: signature.asc
Description: PGP signature

Reply to:

References:
- Re: Keys for the DC18 Key Signing Party - Ready for printing!
  - From: Kurt Roeckx <kurt@roeckx.be>

Prev by Date: Re: climbers or potential climbers at DebConf18?
Next by Date: warmer hacklabs (Re: DebCamp Announcements for 2018-07-25)
Previous by thread: Re: Keys for the DC18 Key Signing Party - Ready for printing!
Next by thread: HSR Trains - not all trains stop in Hsinchu
Index(es):
- Date
- Thread