Hi All,
The DMD download is accompanied with a sig file
How exactly do I use this sig file
I am assuming I can use it in place of checksum to verify the
download
And to be honest, I have almost zero knowledge for gpg and
encryption
I googled a little but, didnt exactly find what I was hoping to
find
I tried the following command
gpg --verify dmd_2.079.0-0_amd64.deb.sig dmd_2.079.0-0_amd64.deb
which returns
gpg: Signature made Fri 02 Mar 2018 01:47:57 PM EST
gpg: using RSA key B273811612BB1939
gpg: Can't check signature: No public key
I guess this means, the file is not verified
So how can I do a complete verification?
I also downloaded the keryring file, from link in the download
page
but also couldnt figure out how to use it
Any explanation of how this gpg sig key works and how to use it
to verify the download
would be appreciated
thanks
