Hello, I'm trying to verify the download of Git and I get the following: gbrain:Downloads gafiore$ gpg --verify git-1.7.1.tar.bz2.sign gpg: Signature made Fri Apr 23 22:49:17 2010 EDT using DSA key ID 517D0F0E gpg: Can't check signature: public key not found How do I know whether I should trust the downloaded file? Thanks, -Gaston -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html