Hi Shawn, On Thu, Jun 14, 2012 at 06:28:54PM -0300, Shawn Pringle wrote: > I attempted to download the Open Office binary but all I get is 20 MB > of it. Yet, my browser indicates the file should be 144 MB. > > What size should the thing be.
Apache_OpenOffice_incubating_3.4.0_Win_x86_install_en-US.exe size is 145 MB Use the checksums to verify the download, they are located in http://www.apache.org/dist/incubator/ooo/files/stable/3.4.0/ > > I was able to import the keys into a keyring. Using the instructions > I run the verification procedure and I get: > gpg: Signature made 04/19/12 07:16:15 using RSA key ID 51B5FDE8 > gpg: BAD signature from "Juergen Schnmidt <[email protected]>" Did you follow these instructions? http://www.openoffice.org/download/checksums/3.4.0_checksums.html#howto They are missing for Windows. As you have Enigmail+Thunderbird, I guess you already downloaded GnuPG. Download the AOO keys: https://people.apache.org/keys/group/ooo.asc Import them: "C:\Program Files\GNU\GnuPG\gpg.exe" --import ooo.asc Download the executable and its key, then verify: "C:\Program Files\GNU\GnuPG\gpg.exe" --verify Apache_OpenOffice_incubating_3.4.0_Win_x86_install_en-US.exe.asc Apache_OpenOffice_incubating_3.4.0_Win_x86_install_en-US.exe gpg: Firmado el 04/19/12 07:20:29 usando clave RSA ID 51B5FDE8 gpg: Firma correcta de "Juergen Schmidt <[email protected]>" gpg: alias "Juergen Schmidt <[email protected]>" gpg: alias "Juergen Schmidt <[email protected]>" gpg: ATENCIÓN: ¡Esta clave no está certificada por una firma de confianza! gpg: No hay indicios de que la firma pertenezca al propietario. Huellas dactilares de la clave primaria: D09F B15F 1A24 768D DF1F A29C CFEE F316 51B5 FDE8 This output message is in Spanish, yours will be in English. You don't get a "BAD signature" message, but a warning, if you didn't trust this key before, or any of the other keys that have certified this key http://pgp.mit.edu:11371/pks/lookup?op=vindex&search=0xCFEEF31651B5FDE8 > A point of order: should I or shouldn't I sign my messages with GPG? IMHO you should always sign your mails. Notice the following in your mail: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 [...] > -----BEGIN PGP SIGNATURE----- [...] > -----END PGP SIGNATURE----- I suggest you configure Enigmail to sign using PGP/MIME instead of the old-fashioned inline-PGP, in Thunderbird's Account Settings go to OpenPGP Security and enable "Use PGP/MIME by default". See the Handbook/Help: http://www.rainydayz.org/node/68 Regards -- Ariel Constenla-Haile La Plata, Argentina
pgpj9Ldeta6B6.pgp
Description: PGP signature
