Mark Phippard wrote on Sun, 10 Apr 2022 16:30 +00:00: > Looking at past release announcements, they include a section on who > signed the release that looks like this: > > Stefan Sperling [2048R/4F7DBAA99A59B973] with fingerprint: > 8BC4 DAE0 C5A4 D65F 4044 0107 4F7D BAA9 9A59 B973 > Branko Čibej [4096R/1BCA6586A347943F] with fingerprint: > BA3C 15B1 337C F0FB 222B D41A 1BCA 6586 A347 943F > Johan Corveleyn [4096R/B59CE6D6010C8AAD] with fingerprint: > 8AA2 C10E EAAD 44F9 6972 7AEA B59C E6D6 010C 8AAD > > I am kind of at a loss for how to produce this information. Assuming > those three used the same keys as in the past, I would need to know > what this should like for: > > me > Nathan > Julian > > ... and possibly Daniel Sahlberg if he sends in a signature. Our KEYS > file only includes the fingerprint.
Our KEYS file includes the actual keys: it can be piped to «GNUPGHOME=$(mktemp -d) gpg --import» in order to verify signatures made by those keys. It's the release announcement that includes just the fingerprints. Daniel > I have tried a few commands that sort of give me this info but the > output is so different I am not sure if I would reproduce it > correctly. > > Thanks > > Mark