httpd-docs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Joshua Slive" <>
Subject Re: Bad key from your id on Apache Windows Binary
Date Mon, 05 Mar 2007 16:12:11 GMT
On 3/4/07, Russ Austin <> wrote:

> "I notice it says bad key, not bad signature.  Interesting.
> It's a web of trust, now that you trust me, you trust those who's keys
> I've signed.  Since you trusted nobody, you had no trust link to me.
> The instructions probably deserve another look, perhaps ping the list
> to explain your story and ask for some clarification
> be added to those instructions :)

You might want to read this page:
which is linked from the download page.

It explains the web-of-trust thing in a little more detail.

In general, for the average downloader, establishing a trust
relationship to the signer is going to be pretty difficult.  If you
trust, then just verifying the md5 signature is enough.  If
you don't trust (and really, you shouldn't), you'll need to
find some out-of-band way to verify either the md5 or the pgp key.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message