I can't verify downloaded files using Phillip Lord's new certificate, 3FB1EAD2. The files appear to have been signed on 2019-08-30 using Mr. Lord's previous certificate, D1D046BD, which has since been revoked.
1) Suggestions please for verifying the downloaded files? 2) Also, a gentle request to update the verification instructions on the download page. Thanks, Hans hanshenning...@yahoo.com -------- START: BACKGROUND -------- I downloaded the following files from: https://ftp.gnu.org/gnu/emacs/windows/emacs-26/ - emacs-26.3-x86_64.zip - emacs-26.3-x86_64.zip.sig I then tried to verify the files using Phillip Lord's certificate 8E64 B119 FE4B AC58 C767 D5EC E095 C1A6 3FB1 EAD2 as specified on: https://www.gnu.org/software/emacs/download.html and got the following error: The data could not be verified. Signature created on Friday, August 30, 2019 08:04:16 With unavailable certificate: ID: 0x84930FFB79B645F7DEA29AD0AC6DD3FFD1D046BD You can search the certificate on a keyserver or import it from a file. gpg: Signature made 08/30/19 08:04:16 Eastern Standard Time (Mexico) gpg: using RSA key 84930FFB79B645F7DEA29AD0AC6DD3FFD1D046BD gpg: Can't check signature: No public key I downloaded the older certificate, 0x84930FFB79B645F7DEA29AD0AC6DD3FFD1D046BD, and observed that it had since been revoked. -------- END: BACKGROUND --------
