Re: [Announce] GnuPG 2.1.17 released

2016-12-20 Thread Heinz Diehl
On 20.12.2016, Christoph Moench-Tegeder wrote: > Or is that just me and a local issue? Most probably. For me, it works: [htd@chiara Downloads]$ gpg --verify gnupg-2.1.17.tar.bz2.sig gnupg-2.1.17.tar.bz2 gpg: Signature made Tue 20 Dec 2016 14:59:50 CET using RSA key ID 4F25E3B6 gpg: Good

Re: [Announce] GnuPG 2.1.17 released

2016-12-20 Thread Werner Koch
On Tue, 20 Dec 2016 13:46, c...@burggraben.net said: > I believe there's something wrong with the signature of the latest > release. Sorry, my fault. To create the signature I use gpg -sbvu SIGNINGKEY gnupg-2.1.17.tar.bz2 Today I forgot the -b and thus a non-detached signature was created

Re: [Announce] GnuPG 2.1.17 released

2016-12-20 Thread Christoph Moench-Tegeder
## Christoph Moench-Tegeder (c...@burggraben.net): > This fails: > gpg: Signature made Tue Dec 20 11:33:11 2016 CET Since then, this has been fixed: gpg: Signature made Tue Dec 20 14:59:50 2016 CET gpg:using RSA key D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 gpg: Good signature

Re: [Announce] GnuPG 2.1.17 released

2016-12-20 Thread Stephan Beck
Hi, Christoph Moench-Tegeder: > Hi, > > I believe there's something wrong with the signature of the latest > release. > > ## Werner Koch (w...@gnupg.org): > >> * If you already have a version of GnuPG installed, you can simply >>verify the supplied signature. For example to verify the

Re: [Announce] GnuPG 2.1.17 released

2016-12-20 Thread Kristian Fiskerstrand
On 12/20/2016 04:21 PM, Daniel Baur wrote: > PS: What’s “public key algorithm 22”? Elliptic Curves, specifically, EdDSA (in this case the warning is likely related to a signature on the key used for verification that is using Ed25519 which can't be verified by your client application) --

Re: [Announce] GnuPG 2.1.17 released

2016-12-20 Thread Daniel Baur
Hello, Am 20.12.2016 um 13:46 schrieb Christoph Moench-Tegeder: > SHA1 (gnupg-2.1.17.tar.bz2) = d83ab893faab35f37ace772ca29b939e6a5aa6a7 > SHA1 (gnupg-2.1.17.tar.bz2.sig) = 34cea3e6d139cb340bf14f04ff217cb6960cf36d > > Or is that just me and a local issue? it works for me (see below), but the

Re: [Announce] GnuPG 2.1.17 released

2016-12-20 Thread Christoph Moench-Tegeder
Hi, I believe there's something wrong with the signature of the latest release. ## Werner Koch (w...@gnupg.org): > * If you already have a version of GnuPG installed, you can simply >verify the supplied signature. For example to verify the signature >of the file gnupg-2.1.17.tar.bz2

[Announce] GnuPG 2.1.17 released

2016-12-20 Thread Werner Koch
Hello! Today marks the 19th anniversary of GnuPG and we are pleased to announce the availability of a new release: GnuPG 2.1.17. See below for a list of new features and bug fixes. About GnuPG = The GNU Privacy Guard (GnuPG) is a complete and free implementation of the OpenPGP