doubt about live CD/DVD signing key
Can you please tell me whether I can trust the debian signing key of the
live CDs/DVDs? Thanks.
After adding the key to the keyring, I get:
gpg --verify SHA256SUMS.sign SHA256SUMS
gpg: Signature made Mon 17 Oct 2011 14:55:55 CEST using RSA key ID
gpg: Good signature from "Debian Live Signing Key
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
Primary key fingerprint: 696F 95F0 88E4 D359 947F 7AEB 6F95 B499 6CA7
The key does not appear in this page:
Someone else had the same problem, what follows is taken from the debian
forum, but there was no reply:
The Debian-Live DVD signing key has fingerprint
Code: Select all
696F 95F0 88E4 D359 947F 7AEB 6F95 B499 6CA7 B5A6
It is signed by one person
Code: Select all
sig sig3 6CA7B5A6 2011-03-09 __________ 2021-02-01 [selfsig]
sig sig 4B2B2B9E 2011-03-12 __________ __________ Daniel Baumann
Baumann has signed his key 4B2B2B9E with various other identities he
owns, but apparently no-one else has signed his key! Thus, the GPG
signed files containing the checksums for the Debian-live DVDs appear to
(I munged the email addresses.)
Does anyone know why these keys are treated so differently? It could be
important if for some reason I wanted to install from one of the live
DVDs (each about 1GB) rather than the full (4.4 GB) DVD #1.
To UNSUBSCRIBE, email to debian-laptop-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact email@example.com
|All times are GMT. The time now is 07:13 PM.|
VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.