Wrong PGP key #259

amilopowers · May 11, 2016

I wanted to retry your ROM today. When I checked the PGP signature I got an error:

[amilopowers@localhost Downloads]$ gpg --verify hammerhead-factory-2016.05.08.05.30.34.tar.xz.sig hammerhead-factory-2016.05.08.05.30.34.tar.xz
gpg: Unterschrift vom Son 08 Mai 2016 09:00:31 CEST mittels RSA-Schlüssel ID 9AF5F22A
gpg: Korrekte Unterschrift von "Daniel Micay <danielmicay@gmail.com>"
gpg:                     alias "Daniel Micay <daniel.micay@copperhead.co>"
gpg: WARNUNG: Dieser Schlüssel trägt keine vertrauenswürdige Signatur!
gpg:          Es gibt keinen Hinweis, daß die Signatur wirklich dem vorgeblichen Besitzer gehört.
Haupt-Fingerabdruck  = 65EE FE02 2108 E2B7 08CB  FCF7 F9E7 12E5 9AF5 F22A
[amilopowers@localhost Downloads]$

That's not an error. It's reporting that it's a valid signature from a key that you haven't marked with any level of trust, and you don't have the keys it's signed with marked with trust either.

thestinger · May 11, 2016

That's not an error. It's reporting that it's a valid signature from a key that you haven't marked with any level of trust, and you don't have the keys it's signed with marked with trust either.

thestinger closed this May 11, 2016

thestinger added the Type: question label May 11, 2016

copperhead/bugtracker

Wrong PGP key #259

amilopowers commented May 11, 2016

This comment has been minimized.

thestinger commented May 11, 2016

thestinger closed this May 11, 2016

thestinger added the Type: question label May 11, 2016

copperhead/bugtracker

Join GitHub today

Wrong PGP key #259

Comments

amilopowers commented May 11, 2016

This comment has been minimized.

thestinger May 11, 2016

thestinger commented May 11, 2016

thestinger closed this May 11, 2016

thestinger added the Type: question label May 11, 2016