Antonio Diaz Diaz <[email protected]> writes: > I am pleased to announce the release of GNU ed 1.22.5. > > [...] > > The sha256sum is: > 56e107ddc2f29dad6690376c15bf9751509e1ee3b8241710e44edbe5c3a158cc > ed-1.22.5.tar.lz > > This release is also GPG signed. You can download the signature by > appending '.sig' to the URL. If the 'gpg --verify' command fails > because you don't have the required public key, then run one of these > commands to import it: > > gpg --recv-keys 25B62C9821501AA0 > wget http://ftpmirror.gnu.org/gnu-keyring.gpg > > Key fingerprint = 1E5A EE0B 18C0 DEB4 5D64 AA03 25B6 2C98 2150 1AA0 >
This key (1E5AEE0B18C0DEB45D64AA0325B62C9821501AA0) is different from the one you usually use for releases (1D41C14B272A2219A739FA4F8FE99503132D7742). It makes things easier for us to verify if you can cross-sign the two keys. Your new key is in the GNU keyring but I was a bit alarmed at first because the release announcement didn't mention it either. Would you be able to sign the old key with the new key, and vice-versa? Thanks. > [...] sam
signature.asc
Description: PGP signature
