Hi, kernel.org won’t provide the signatures anymore. I was politely pointed to the following site via IRC but got no reason for it.
https://www.kernel.org/category/site-news.html --- Quote --- No future PGP signatures on patches and changelogs For legacy purposes, we will continue to provide pre-generated changelogs and patches (both to the previous mainline and incremental patches to previous stable). However, from now on they will be generated by automated processes and will no longer carry detached PGP signatures. If you require cryptographically verified patches, please generate them directly from the stable git repository after verifying the PGP signatures on the tags using git verify-tag. --- EOQ --- Am Freitag, 17. August 2018, 18:07:13 CEST schrieb Ian Zimmerman: > If you browse this URL: > > https://cdn.kernel.org/pub/linux/kernel/v4.x/ > > you'll see that for each 4.14 patch up to 4.14.58 there is a > cooresponding GPG signature file: > > patch-4.14.58.sign 25-Jul-2018 09:28 833 > patch-4.14.58.xz 25-Jul-2018 09:28 1M > > etc. > > But starting with 4.14.59, there are no .sign files. Why? Is this a > bug, and if so, where do I report it? > > This breaks my lovingly duct-taped kernel update infrastructure ... -- GPG fingerprint: '00EF D31F 1B60 D5DB ADB8 31C1 C0EC E696 0E54 475B' Nils Freydank
signature.asc
Description: This is a digitally signed message part.
