Hi, Martin and me investigated more on this issue. As a quick fix we added
keyserver-options auto-key-retrieve to his $HOME/.gnupg/gpg.conf file. Why download_sigver does not detect the missing public key is also no longer a miracle: If the users key ring contains another (in this case revoked key) for the email ID of the signer, the script directly tries to verify the signature of the downloaded file. GPG itself detects the missing public key for the used key ID. In the case of "auto-key-retrieve", GPG fixes this by downloading the key from the server, otherwise it aborts. Greets -- Christian Helmuth Genode Labs http://www.genode-labs.com/ · http://genode.org/ https://twitter.com/GenodeLabs · /ˈdʒiː.nəʊd/ Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60135031&iu=/4140/ostg.clktrk _______________________________________________ Genode-main mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/genode-main
