On 4 January 2016 at 22:25, Marcin Cieslak <[email protected]> wrote: > Hello, > > I have imported PGP keys of the texinfo maintainers from > > https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=texinfo > > % gpg --import < texinfo-keys > gpg: WARNING: using insecure memory! > gpg: please see http://www.gnupg.org/faq.html for more information > gpg: key E707FDA5: public key "Werner Lemberg <[email protected]>" imported > gpg: key 30D155AD: public key "Karl Berry <[email protected]>" imported > gpg: key 78D5264E: "Akim Demaille <[email protected]>" not changed > gpg: key 36ECC523: public key "Patrice Dumas (Pertusus) <[email protected]>" > imported > gpg: key 55D0C732: "Sergey Poznyakoff <[email protected]>" not changed > gpg: key 937EC0D2: public key "Arnold Robbins <[email protected]>" imported > gpg: Total number processed: 6 > gpg: imported: 4 (RSA: 2) > gpg: unchanged: 2 > > but the tarball seems to be signed by somebody else: > > % gpg < texinfo-6.0.tar.xz.sig > gpg: WARNING: using insecure memory! > gpg: please see http://www.gnupg.org/faq.html for more information > Detached signature. > Please enter name of data file: texinfo-6.0.tar.xz > gpg: Signature made Fri Jun 26 15:54:17 2015 CEST using DSA key ID AB37FBA9 > gpg: Can't check signature: public key not found >
You can see my public key at https://savannah.gnu.org/users/gavin. I'm trying to work out now how to get it included in the file you downloaded with the other public keys.
