https://bugs.documentfoundation.org/show_bug.cgi?id=125780
Fernando <[email protected]> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|FIXED |---
Status|RESOLVED |REOPENED
Ever confirmed|0 |1
--- Comment #5 from Fernando <[email protected]> ---
Hi,
I just downloaded the LibreOffice AppImage, and had to search a lot for the
public key, until i finally did this:
$ gpg2 --keyserver hkp://keys.gnupg.net --search-keys libreoffice.org
And even then, the result was this:
$ gpg2 --verify LibreOffice-still.standard-x86_64.AppImage.asc
gpg: asumiendo que los datos firmados están en
'LibreOffice-still.standard-x86_64.AppImage'
gpg: Firmado el mié 06 may 2020 09:13:32 -03
gpg: usando RSA clave D4761B78E365B53D
gpg: Firma correcta de "Antonio Faccioli (LibreOffice AppImage Package)
<[email protected]>" [desconocido]
gpg: ATENCIÓN: ¡Esta clave no está certificada por una firma de confianza!
gpg: No hay indicios de que la firma pertenezca al propietario.
Huellas dactilares de la clave primaria: DA5E 52F8 C6C9 DC6F 1473 E903 D476
1B78 E365 B53D
So, i don't see how is this fixed. It's supposed to bring trust, otherwise why
not just publish the SHA256, that at least is easy to verify, and doesn't shows
warnings everywhere?
Regards
--
You are receiving this mail because:
You are the assignee for the bug._______________________________________________
Libreoffice-bugs mailing list
[email protected]
https://lists.freedesktop.org/mailman/listinfo/libreoffice-bugs
