subversion-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andreas Stieger" <Andreas.Stie...@gmx.de>
Subject issue 4587: Verifying multiple OpenPGP signatures on a release
Date Thu, 13 Aug 2015 10:16:57 GMT
For issue 4587: Verifying multiple OpenPGP signatures on a release
The following splits and verifies all signatures:
csplit --elide-empty-files --prefix=sig --suffix-format=%0d2.asc  subversion-1.9.0.tar.bz2.asc
'/^-----BEGIN PGP SIGNATURE-----$/' '{*}'
for X in sig*.asc; do gpg --verify $X subversion-1.9.0.tar.bz2; done

The same could be done in awk.

In 2013 gpg was noted to not support multiple signatures if the signing keys differ in type/digest:
http://www.eyrie.org/~eagle/journal/2013-01/011.html

Andreas

Mime
View raw message