Roland, the 3.1 release tarball is signed,
http://download.savannah.gnu.org/releases/bbdb/
bbdb-3.1.tar.gz 01-Mar-2014 05:40 366K
bbdb-3.1.tar.gz.sig 01-Mar-2014 05:40 287
which is great,
$ gpg ~/tmp/bbdb-3.1.tar.gz.sig
Detached signature.
Please enter name of data file: ../bbdb3_3.1.orig.tar.gz
gpg: Signature made Sat 01 Mar 2014 04:57:58 GMT using RSA key ID 44A3B825
gpg: Can't check signature: public key not found
Debian now has facilities to automatically download and verify such
signatures, thus firmly closing the barn door.
Unfortunately I cannot find the signing key anywhere.
$ gpg --keyserver pgp.mit.edu --search 44A3B825
gpg: searching for "44A3B825" from hkp server pgp.mit.edu
gpg: key "44A3B825" not found on keyserver
An armored export of the key in that same download directory would
probably make sense. (I'm sure the NSA will know it's actually your key,
so you should be able to get them to sign it for you.)
Cheers,
--Barak.
------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their
applications. Written by three acclaimed leaders in the field,
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/13534_NeoTech
_______________________________________________
bbdb-info@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bbdb-info
BBDB Home Page: http://bbdb.sourceforge.net/
