Team, I am new to Kleopatra and OPenPGP in general. I was downloading Apache Ant from the apache website in prep for using Google Web Tools. It said it would be a good idea if I used PGP (or GPG) to validate the signature on the downloaded files. So I found GPG4win, and installed it, and I have been trying to use Kleopatra to verify the signature(s) on the files. So I imported the keys from the apache website. http://www.apache.org/dist/ant/KEYS
and tried to validate the signature on the zip file. http://www.apache.org/dist/ant/binaries/apache-ant-1.8.2-bin.zip.asc http://www.apache.org/dist/ant/binaries/apache-ant-1.8.2-bin.zip Every time I try to do this it gives me a "Not enough information to check signature validity" message - with reference to the following signature: 2010-12-20 12:50 by antoine at apache.org (Key ID: 0x82A7FBCD) However, when I look this signature up using the "Lookup Certificates on Server" button, or when using an independent website, it looks like a valid signature. Am I doing something wrong? This doesn't make sense to me. Do I need to do something else, or is this an invalid signature? --ThanksMike Cline -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.kde.org/pipermail/kde-doc-english/attachments/20120204/1beb2a17/attachment.html>
