Jason Haar writes:
> Similar to the issue found Jan 1 2007, I am currently seeing
>
> # sa-update
> error: GPG validation failed!
> The update downloaded successfully, but it was not signed with a trusted GPG
> key. Instead, it was signed with the following keys:
>
> 24F434CE
>
> Perhaps you need to import the channel's GPG key?
>
>
> There is no 24F434CE key that I can find, and the thread titled
> "SA-UPDATE and recent branches/3.1 rules?" seems to imply this is a
> fault that can happen with some process on updates.spamassassin.org?
24F434CE is the active subkey of 5244EC45:
: jm 899...; gpg -v 494178.tar.gz.asc
gpg: armor header: Version: GnuPG v1.4.2 (SunOS)
gpg: assuming signed data in `494178.tar.gz'
gpg: Signature made Mon Jan 8 19:47:19 2007 GMT using RSA key ID 24F434CE
gpg: using subkey 24F434CE instead of primary key 5244EC45
gpg: using classic trust model
gpg: Good signature from "updates.spamassassin.org Signing Key <[EMAIL
PROTECTED]>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 5E54 1DC9 59CB 8BAC 7C78 DFDC 4056 A61A 5244 EC45
Subkey fingerprint: 0C2B 1D71 75B8 52C6 4B3C DC71 6C55 3978 24F4 34CE
gpg: binary signature, digest algorithm SHA1
sounds like your sa-update key info got lost somehow?
--j.
