Hi Laszlo, you can find the keys on the public key servern. I've attached the fingerprints, but gpg can also show you when trying to verify it.
> Why are there two signatures in the GPG signature file (for release > 4.6) and why do the signature dates differ from the release date > (according to the website)? More signatures are better ;). Choose your own trust anchor. I've signed it after it was released. Best, lynxis Alexander Couzens <[email protected]> Key fingerprint = 390D CF78 8BF9 AA50 4F8F F1E2 C29E 9DA6 A0DF 8604 Martin Roth (coreboot developer) <[email protected]> Key fingerprint = 574C E6F6 855C FDEB 7D36 8E9D 1979 6C2B 3E4F 7DF7 -- Alexander Couzens mail: [email protected] jabber: [email protected] mobile: +4915123277221 gpg: 390D CF78 8BF9 AA50 4F8F F1E2 C29E 9DA6 A0DF 8604
pgpsA5wRMvsrd.pgp
Description: OpenPGP digital signature
-- coreboot mailing list: [email protected] https://mail.coreboot.org/mailman/listinfo/coreboot
