You were (probably) about to bounce the following message,
which I sent a few minutes ago. As it happens, this is
the correct behaviour! A combination of a broken download
and sheer personal stupidity led to a false alarm.
Oops!
Dear List,
apologies if I'm doing something stupid...
collecting signatures from the source release of
net-snmp-5.2.1 I found that some mirrors (e.g., Kent)
have empty signatures (ugh) (not even delivered as
empty files, they just silently refuse to download!),
while the Paris mirror hands back good-looking
signatures which are in fact unhappy.
At some point in my faffing around I picked up a
file pgpkey.sig, though I no longer remember
where I found it (I didn't search for it on a key
server). In any case, it now matches
http://www.net-snmp.org/net-snmp-admin.asc
A key-server supplied me with an equivalent
(though not textually identical) version: i.e.,
it merely left the gpg keyring unchanged after
importing it.
gpg --verify net-snmp-5.2.1.tar.gz.asc
fails with
gpg: Signature made Tue 25 Jan 2005 18:10:13 GMT using DSA key ID 7800FEAC
gpg: BAD signature from "Net-SNMP Administrators
<[EMAIL PROTECTED]>"
Is it just me (I don't usually get messages like that...)
or are these files in fact badly signed?
I'm using an unmodified gpg (rather old, though: 1.2.4),
running on Linux, and I haven't had many
problems elsewhere.
Bernard Leak.
-------------------------------------------------------
This SF.Net email is sponsored by the 'Do More With Dual!' webinar happening
July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual
core and dual graphics technology at this free one hour event hosted by HP,
AMD, and NVIDIA. To register visit http://www.hp.com/go/dualwebinar
_______________________________________________
Net-snmp-users mailing list
Net-snmp-users@lists.sourceforge.net
Please see the following page to unsubscribe or change other options:
https://lists.sourceforge.net/lists/listinfo/net-snmp-users
