Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Release gpg signature unusable #54

Open
c0m1c5an5 opened this issue Nov 3, 2024 · 1 comment
Open

Release gpg signature unusable #54

c0m1c5an5 opened this issue Nov 3, 2024 · 1 comment

Comments

@c0m1c5an5
Copy link

The github release contains the *.cap.asc signatures for the *.cap files. Yet they are unusable, because the repository does not contain the issuer public key, nor is it uploaded to any keyserver (at least none of the default ones).

$ gpg --verify SmartPGP-v1.22.2-jc304-rsa_up_to_4096.cap.asc 
gpg: assuming signed data in 'SmartPGP-v1.22.2-jc304-rsa_up_to_4096.cap'
gpg: Signature made Wed 12 Apr 2023 04:47:20 PM EEST
gpg:                using RSA key AB45C2B676E95DF03C3803377F6C58648D8367B1
gpg:                issuer "arnaud.fontaine@ssi.gouv.fr"
gpg: Can't check signature: No public key
$ gpg --recv-keys AB45C2B676E95DF03C3803377F6C58648D8367B1
gpg: keyserver receive failed: No data
@github-af
Copy link
Owner

Thank you for reporting this problem.
All releases have been updated with valid and verifialbe signatures.

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@c0m1c5an5 @github-af