> could you please explain in which context that signing key occurs and for > what it is being used in > that context? Of course. It's been a while since I've done such, so may I have not made some basic error in this:
$ gpg --verify apl-1.9.tar.gz.sig gpg: assuming signed data in 'apl-1.9.tar.gz' gpg: Signature made Sat 29 Jun 2024 06:40:52 AM CDT gpg: using RSA key 3EB2E2ECCB2F040A26CB7F2192B68B71531B6686 gpg: Can't check signature: No public key $
