On Fri, May 02, 2014 at 05:50:45PM -0700, mm half wrote: > I have downloaded bind-9.10.0.tar.gz from the ISC download site, imported in > the pgpkey2013.txt located at: > https://www.isc.org/downloads/software-support-policy/openpgp-key/ , and > can't seem to get any of the signature files to pass the verify test using > gpg : > > > gpg --verify bind-9.10.0.tar.gz.asc bind-9.10.0.tar.gz > gpg: WARNING: using insecure memory! > gpg: please see http://www.gnupg.org/faq.html for more information > gpg: Signature made Tue Apr 29 16:12:28 2014 EDT using RSA key ID 189CDBC5 > gpg: BAD signature from "Internet Systems Consortium, Inc. (Signing key, > 2013) <[email protected]>"
Works fine for me. Check the fingerprint on the tarball, it should be: SHA256(bind-9.10.0.tar.gz)= acc2f5cc58c121f927e02c23e7e3e2e4876139eaac4a9df71800d4a38917c887 -- Evan Hunt -- [email protected] Internet Systems Consortium, Inc. _______________________________________________ Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from this list bind-users mailing list [email protected] https://lists.isc.org/mailman/listinfo/bind-users
