Ken Moffat wrote: > If verifying keys means I need to create my own key, [...]
It doesn't. For years I have used GPG/GPG2 to verify keys and I have never told it to trust my key or anyone else's. The downside is that GPG will complain every time that it can't trust the identity of the keyholder even though it has verified that the file was signed with the key. If you can tolerate that noise then you can use GPG to verify signatures without worrying about trust. Regards, Jeremy Henty -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
