Am 08.10.2023 um 01:16 schrieb Tom Browder:
> I'm willing to trust published PGP key fingerprints for signers of
> Rakudo downloadable files.
>
> Question: How can I get the fingerprint from the downloads?
>
> The products I download are (1) the file of interest, (2) a PGP signed
> checksums file with various shaX hashes for the file, and (3) a separate
> file containing a PGP signature.
>
> Thanks so much.
>
> -Tom
>
>
>
There is more than just one way to archieve this, first result from
G**-search returns:
https://superuser.com/questions/1297670/how-do-i-check-gpg-signature-given-only-the-fingerprint-and-key-id
which also contains security related warnings and hints.
HTH, DdB