binutils-2.30.tar.xz.sig uses unpublished key

Somchai Smythe buraphalinuxserver@gmail.com
Mon Jan 29 03:35:00 GMT 2018


Works now, after re-downloading from https://ftp.gnu.org/gnu/binutils/

gpg2 --verify binutils-2.30.tar.xz.sig binutils-2.30.tar.xz
gpg: Signature made Sun 28 Jan 2018 11:26:48 PM +07
gpg:                using RSA key 13FCEF89DD9E3C4F
gpg: Good signature from "Nick Clifton (Chief Binutils Maintainer)
<nickc@redhat.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: 3A24 BC1E 8FB4 09FA 9F14  3718 13FC EF89 DD9E 3C4F

Thanks!

On 1/28/18, Nick Clifton <nickc@redhat.com> wrote:
> Hi Somchai,
>
>> binutils-2.30.tar.xz.sig uses a key that is not on any public
>> keyservers I could find
>
> Yes this was my mistake.  (I knew that this release was going too easily).
>
> I created signatures using my internal gpg key, not my external one.  Doh.
>
> The signatures have now been updated.  Please try again.
>
> Cheers
>   Nick
>
> PS.  You should be able to find my key on keys.gnupg.net.
>



More information about the Binutils mailing list