I've got RH 6.2 installed on an intel (well, AMD) box, and I downloaded
gmp-2.0.2-13.src.rpm from rawhide.redhat.com. An rpm --checksig says
gmp-2.0.2-13.src.rpm: md5 GPG NOT OK
Now, I understand perfectly that I can't expect any assurance of
correctness whatsoever, by Red Hat or any other author, but I would like
to know that this was a good faith effort by someone (almost anyone).
So: How do I find and add the necessary public keys to the keyring used
by rpm? RPM documentation references /etc/rpm/.pgp and /etc/rpm/macros,
but neither of those are on my system, after a (supposedly) complete
install. I don't see a GPG pubring.gpg on my system, either -- the
manpage doesn't mention GPG at all, although I see several references to
it in the rpm binary. Can anyone here save me from having to read the
rpm source code?
Or did I get a trojan copy?
As a manipulator of large numbers, gmp does have bearing on
crypto applications -- though not gpg, to judge from
rpm --requires gnupg
- Stephen P. Schaefer
--
To unsubscribe:
mail -s unsubscribe [EMAIL PROTECTED] < /dev/null
