Kern Sibbald schrieb: > On Sunday 11 March 2007 17:08, Pierre Bernhardt wrote: >> Hello, Hi, >> >> the signature file don't corrospond to the file: >> >> $ /cygdrive/c/Programme/Internet/GnuPT/GPG/gpg.exe -d >> winbacula-2.0.3.exe.sig gpg: Signature made 03/01/07 10:03:11 using DSA key >> ID 10A792AD >> gpg: BAD signature from "Bacula Distribution Verification Key >> (www.bacula.org)" ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
>> >> $ /cygdrive/c/Programme/Internet/GnuPT/GPG/gpg.exe --print-md md5 >> winbacula-2.0 .3.exe winbacula-2.0.3.exe.sig >> winbacula-2.0.3.exe: 0E D2 E6 6F 15 F5 9E 60 DC FB 0A 88 31 E2 71 7F >> winbacula-2.0.3.exe.sig: 57 71 4F 53 AE 02 6E BC 5F 5A 14 B8 42 29 6B 90 >> >> Check for modification please. >> >> What's wrong? > > We use public/private key cryptographic signatures rather than simple md5 > hash > codes. It is much more secure. Your wrong. The md5 is only for a test on server side. If you look above you can see the that the public key 0x10A792AD match not with the file and the sig. MfG... Pierre Bernhardt ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
