ant-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Stefan Bodewig <bode...@apache.org>
Subject Re: gpg and distribution
Date Fri, 21 Jun 2002 16:10:00 GMT
On Fri, 21 Jun 2002, Steve Cohen <SteveC@ignitesports.com> wrote:

> No path leading to one of our keys found.
> 
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg: There is no indication that the signature belongs to the owner.
> gpg: Fingerprint: 5F35 E131 F832 ED23 F761 578B EFA3 E779 EDF6 2C35

This means, that GPG has verified that the key has been used to sign
the distribution and that the distribution hasn't been altered.

It also means that you don't trust anybody who has signed Magesh's key
(given that Magesh's key hasn't been signed by anybidy but Magesh
AFAIK, that would be difficult).

There is a lot to read about that:
<http://www.gnupg.org/gph/en/manual.html#AEN385> probably is a good
starting point.

Stefan

--
To unsubscribe, e-mail:   <mailto:ant-user-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:ant-user-help@jakarta.apache.org>


Mime
View raw message