Jason Haar writes: > Similar to the issue found Jan 1 2007, I am currently seeing > > # sa-update > error: GPG validation failed! > The update downloaded successfully, but it was not signed with a trusted GPG > key. Instead, it was signed with the following keys: > > 24F434CE > > Perhaps you need to import the channel's GPG key? > > > There is no 24F434CE key that I can find, and the thread titled > "SA-UPDATE and recent branches/3.1 rules?" seems to imply this is a > fault that can happen with some process on updates.spamassassin.org?
24F434CE is the active subkey of 5244EC45: : jm 899...; gpg -v 494178.tar.gz.asc gpg: armor header: Version: GnuPG v1.4.2 (SunOS) gpg: assuming signed data in `494178.tar.gz' gpg: Signature made Mon Jan 8 19:47:19 2007 GMT using RSA key ID 24F434CE gpg: using subkey 24F434CE instead of primary key 5244EC45 gpg: using classic trust model gpg: Good signature from "updates.spamassassin.org Signing Key <[EMAIL PROTECTED]>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 5E54 1DC9 59CB 8BAC 7C78 DFDC 4056 A61A 5244 EC45 Subkey fingerprint: 0C2B 1D71 75B8 52C6 4B3C DC71 6C55 3978 24F4 34CE gpg: binary signature, digest algorithm SHA1 sounds like your sa-update key info got lost somehow? --j.