Does anybody know how to verify cheeseshop signatures? I was just trying:
gpg --verify roundup-0.9.0b1.tar.gz.asc roundup-0.9.0b1.tar.gz
which results in:
gpg: Signature made Fri Oct 7 01:39:29 2005 EDT using DSA key ID 41C6E930
gpg: Can't check signature: public key not found
This seems to imply that to check a signature, you have to have the
author's public key, and there's no way offered to get it via the cheese shop.
Or is it looking for *my* public key for some reason? Or am I just
confused about how this thing is supposed to work?
_______________________________________________
Catalog-sig mailing list
[email protected]
http://mail.python.org/mailman/listinfo/catalog-sig
