On Sun, Oct 8, 2023 at 14:39 Thomas Schmitt wrote:
> Hi,
Thanks, Thomas.
I did get the signers key fingeprints from their personal github pages. I
would go the full security route if it were only my use I'm concerned with,
but I'm working on a Raku module for others and I don't want them to be
"Thomas Schmitt" wrote:
> Hi,
>
> Tom Browder wrote:
> > I'm willing to trust published PGP key fingerprints for signers of
> > Rakudo downloadable files.
>
> Do i get it right that you talk about https://rakudo.org/downloads ?
>
> > Question: How can I get the fingerprint from the downloads
Hi,
Tom Browder wrote:
> I found a usable answer. Run "gpg file.asc" and the output shows the two
> fingerprints: the primary key fingerprint and the subkey fingerprint.
Wow, that's surprising.
But indeed the man page says:
COMMANDS
...
gpg may be run with no commands, in which case i
On Sun, Oct 8, 2023 at 05:13 Tom Browder wrote:
> On Sun, Oct 8, 2023 at 3:29 AM DdB
> wrote:
> > Am 08.10.2023 um 01:16 schrieb Tom Browder:
> > > I'm willing to trust published PGP key fingerprints for signers of
> > > Rakudo downloadable files.
> > > Question: How can I get the fingerprint f
Hi,
maybe
gpg --keyid-format long --verify signature_file.asc /some/dummy/file
this gives me the last 16 characters of the fingerprint. Like:
gpg:using key E9CBDFC0ABC0A854
with a matching payload file i get something like:
Primary key fingerprint: 44BC 9FD0 D688 EB
On Oct 08, 2023, Tom Browder wrote:
> On Sun, Oct 8, 2023 at 3:29 AM DdB
> wrote:
> > Am 08.10.2023 um 01:16 schrieb Tom Browder:
> > > I'm willing to trust published PGP key fingerprints for signers of
> > > Rakudo downloadable files.
> > > Question: How can I get the fingerprint from the downlo
On Sun, Oct 8, 2023 at 3:29 AM DdB
wrote:
> Am 08.10.2023 um 01:16 schrieb Tom Browder:
> > I'm willing to trust published PGP key fingerprints for signers of
> > Rakudo downloadable files.
> > Question: How can I get the fingerprint from the downloads?
> There is more than just one way to archie
Hi,
Tom Browder wrote:
> I'm willing to trust published PGP key fingerprints for signers of Rakudo
> downloadable files.
Do i get it right that you talk about https://rakudo.org/downloads ?
> Question: How can I get the fingerprint from the downloads?
> The products I download are (1) the file
Am 08.10.2023 um 01:16 schrieb Tom Browder:
> I'm willing to trust published PGP key fingerprints for signers of
> Rakudo downloadable files.
>
> Question: How can I get the fingerprint from the downloads?
>
> The products I download are (1) the file of interest, (2) a PGP signed
> checksums fi
I'm willing to trust published PGP key fingerprints for signers of Rakudo
downloadable files.
Question: How can I get the fingerprint from the downloads?
The products I download are (1) the file of interest, (2) a PGP signed
checksums file with various shaX hashes for the file, and (3) a separat
10 matches
Mail list logo