Thomas Schulz pisze: >> On 12/23/2010 4:09 PM, Casey Deccio wrote: >> >>> On Thu, Dec 23, 2010 at 12:49 PM, Oisin McGuinness<oi...@smbc-cm.com> >>> wrote: >>> >>> >>>> But I can't find any reference to current PGP or other signing keys; does >>>> anyone know where to find >>>> them on the www.isc.org web site or where to obtain them otherwise? >>>> >>> http://www.isc.org/about/openpgp >>> >> https://www.isc.org/about/openpgp will work as well. >> >> -- >> Dave >> > > It looks like I am a little dim today. Given gpg and the key, what steps > do I do to verify a source package? >
First, you get the tarball and the signature from isc.org (say http://www.isc.org/software/bind/972-p3/download/bind-972-p3targz ) Second, you issue gpg --verify bind-9.7.2-P3.tar.gz.asc bind-9.7.2-P3.tar.gz might work with only the signed name (gpg --verify bind-9.7.2-P3.tar.gz.asc), I'm not sure how about this case. Torinthiel _______________________________________________ bind-users mailing list bind-users@lists.isc.org https://lists.isc.org/mailman/listinfo/bind-users
