On 10/17/16, Thomas Sanders wrote:
> Am I doing something wrong here?
> gpg --verify setup-x86.exe.sig setup-x86.exe
> gpg: Signature made Fri 09 Sep 2016 02:20:02 AM PDT using DSA key ID
> gpg: BAD signature from "Cygwin <email@example.com>"
> If I am not doing something wrong, this has been going on for a few weeks.
> Please advise either way.
works for me
$ gpg --verify cygwinSetup-x86.exe.sig cygwinSetup-x86.exe
gpg: WARNING: using insecure memory!
gpg: please see http://www.gnupg.org/documentation/faqs.html for more
gpg: Signature made Fri Sep 9 05:20:02 2016 EDT using DSA key ID 676041BA
gpg: Good signature from "Cygwin <firstname.lastname@example.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 1169 DF9F 2273 4F74 3AA5 9232 A9A2 62FF 6760 41BA
have you tried downloading from both home & work? to different machines?
Problem reports: http://cygwin.com/problems.html
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple