On 7/3/2024 12:14 AM, Kalle Valo wrote: > Kalle Valo <kvalo@xxxxxxxxxx> writes: >> I see a weird warning from gpg which I have never seen before: >> >> merged tag 'ath-next-20240702' >> gpg: Signature made Tue 02 Jul 2024 05:55:42 PM EEST >> gpg: using EDDSA key 3F9AD487CCF522D7A21F0C492C15BBA0898CCB7B >> gpg: issuer "jjohnson@xxxxxxxxxx" >> gpg: Good signature from "Jeff Johnson <quic_jjohnson@xxxxxxxxxxx>" [full] >> gpg: WARNING: We do NOT trust this key! >> gpg: The signature is probably a FORGERY. >> >> It first says that the signature is good and then claims it's a forgery, >> odd. Is this a problem between using different email addresses or what? > > I did 'gpg --refresh-keys', now your key contains your kernel.org > address and I don't see the warning anymore. > There had to be at least one issue with my first PR. Glad you sorted it out. Key management is still a mystery to me... /jeff