The web site for the PuTTY software provides GnuPG keys to verify downloads of the PuTTY software. see http://www.chiark.greenend.org.uk/~sgtatham/putty/keys.html
With these keys imported into the GnuPG public keyring, issuing "gpg --check-sigs" produced the following output (the user name has been redacted): C:/Documents and Settings/[redacted]/Application Data/gnupg\pubring.gpg ------------------------------------------------------------------------- pub 1024R/1E34AC41 2000-12-20 uid PuTTY Master Key (RSA) <[EMAIL PROTECTED]> sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) <[EMAIL PROTECTED] rus.org> sig! B41CAE29 2000-12-20 PuTTY Releases (RSA) <[EMAIL PROTECTED] s.org> sig! 32B903A9 2000-12-20 PuTTY Development Snapshots (RSA) <putty-bugs@ lists.tartarus.org> pub 1024R/B41CAE29 2000-12-20 uid PuTTY Releases (RSA) <[EMAIL PROTECTED]> sig! B41CAE29 2000-12-20 PuTTY Releases (RSA) <[EMAIL PROTECTED] s.org> sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) <[EMAIL PROTECTED] rus.org> pub 1024R/32B903A9 2000-12-20 uid PuTTY Development Snapshots (RSA) <[EMAIL PROTECTED] s.org> sig! 32B903A9 2000-12-20 PuTTY Development Snapshots (RSA) <putty-bugs@ lists.tartarus.org> sig! 1E34AC41 2000-12-20 PuTTY Master Key (RSA) <[EMAIL PROTECTED] rus.org> pub 1024D/6A93B34E 2000-12-20 uid PuTTY Master Key (DSA) <[EMAIL PROTECTED]> sig!3 6A93B34E 2000-12-20 PuTTY Master Key (DSA) <[EMAIL PROTECTED] rus.org> sig! 08B0A90B 2000-12-20 PuTTY Releases (DSA) <[EMAIL PROTECTED] s.org> sig! 7D3E4A00 2000-12-20 PuTTY Development Snapshots (DSA) <putty-bugs@ lists.tartarus.org> pub 1024D/08B0A90B 2000-12-20 uid PuTTY Releases (DSA) <[EMAIL PROTECTED]> sig!3 08B0A90B 2000-12-20 PuTTY Releases (DSA) <[EMAIL PROTECTED] s.org> sig! 6A93B34E 2000-12-20 PuTTY Master Key (DSA) <[EMAIL PROTECTED] rus.org> pub 1024D/7D3E4A00 2000-12-20 uid PuTTY Development Snapshots (DSA) <[EMAIL PROTECTED] s.org> sig!3 7D3E4A00 2000-12-20 PuTTY Development Snapshots (DSA) <putty-bugs@ lists.tartarus.org> sig! 6A93B34E 2000-12-20 PuTTY Master Key (DSA) <[EMAIL PROTECTED] rus.org> 4 signatures not checked due to missing keys For the self-signatures on the DSA-type keys (and only the DSA-type keys) there is a "sig!3" entry instead of a "sig!" entry. The other signatures on the DSA-type keys just have a "sig!" entry. It has been said elsewhere that the 3 in the "sig!3" entry indicates a certificate check level of 3. However, the 3 does not appear on the self-signature entries for the RSA-type keys. Is this to do with the key types (the DSA type and the RSA type), the way that the keys were created and/or signed, or some other reason? _______________________________________________ Gnupg-users mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnupg-users
