On Mon, 31 May 2021 21:08, mailinglisten--- said: > Hello, > > is there a reason why the new software distribution key for GnuPG ( > 0x528897B826403ADA ) comes with no chain of trust at all? It does not > have any signature from any preceding key.
I see
pub ed25519 2020-08-24 [SC] [expires: 2030-06-30]
6DAA6E64A76D2840571B4902528897B826403ADA
uid [ full ] Werner Koch (dist signing 2020)
sig!3 528897B826403ADA 2020-08-24 Werner Koch (dist signing 2020)
sig! 249B39D24F25E3B6 2020-08-24 Werner Koch (dist sig)
sig! 63113AE866587D0A 2020-08-24 w...@gnupg.org
sig! E3FDFF218E45B72B 2020-08-24 Werner Koch (wheatstone commit
signing)
But you are right, the distributed key (gnugp tarball, website) has the
key signatures removed. The problem is that you won't receive any key
signature from the usual keyserver.
I'll see that we can update the keys on the web and in gnupg. The above
mentioned key with all key sigs is attached.
Shalom-Salam,
Werner
--
Die Gedanken sind frei. Ausnahmen regelt ein Bundesgesetz.
6DAA6E64A76D2840571B4902528897B826403ADA.asc
Description: application/pgp-keys
signature.asc
Description: PGP signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
