Re: How to Verify Git GPG Signed Downloads?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

"brian m. carlson" <sandals@xxxxxxxxxxxxxxxxxxxx> writes:

>> $ gpg --list-keys -v 96AFE6CB
>> gpg: using PGP trust model
>> gpg: NOTE: signature key 96AFE6CB expired Sun Jul 26 13:41:24 2020 EDT
>> gpg: NOTE: signature key B3F7CAC9 expired Sun Jul 26 13:41:42 2020 EDT
>> pub   4096R/713660A7 2011-10-01
>> uid                  Junio C Hamano <gitster@xxxxxxxxx>
>> uid                  Junio C Hamano <junio@xxxxxxxxx>
>> uid                  Junio C Hamano <jch@xxxxxxxxxx>
>> sub   4096R/96AFE6CB 2011-10-03 [expired: 2020-07-26]
>> sub   4096R/833262C4 2011-10-01
>> sub   4096R/B3F7CAC9 2014-09-20 [expired: 2020-07-26]
>> 
>> It is possible that Junio forgot to push his refreshed public key.
>
> Yes, I think that's the case.

Hmph, I was fairly sure I pushed it out when I refreshed the expiry
date sometime early last year, but apparently it did not go through.

I just tried recv-keys from keys.gnupg.net into a throw-away
GNUPGHOME and got the output at the end, so it should be OK now.
Sorry about that.


$ gpg --list-keys -v 96AFE6CB
gpg: using pgp trust model
pub   rsa4096 2011-10-01 [SC]
      96E07AF25771955980DAD10020D04E5A713660A7
uid           [ unknown] Junio C Hamano <gitster@xxxxxxxxx>
uid           [ unknown] Junio C Hamano <jch@xxxxxxxxxx>
uid           [ unknown] Junio C Hamano <junio@xxxxxxxxx>
sub   rsa4096 2011-10-01 [E]
sub   rsa4096 2011-10-03 [S] [expires: 2028-01-11]
sub   rsa4096 2014-09-20 [S] [expires: 2028-01-11]
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux