Hello there! I downloaded python msi version for Windows from http://www.python.org/download/releases/2.5.4/ .At the bottom of the page it is said that "The signatures above were generated with GnuPG<http://www.gnupg.org/> using release manager Martin v. Löwis's public key<http://www.python.org/download#pubkeys> which has a key id of 7D9DC8D2" according to this description I want to the page http://www.python.org/download/#pubkeys and downloaded the file http://www.dcl.hpi.uni-potsdam.de/people/loewis/mvl.asc and imported it into gpg as below
D:\Python>gpg --import mvl.asc.txt > > gpg: key 7D9DC8D2: "Martin v. Löwis <mar...@v.loewis.de>" not changed > > gpg: Total number processed: 1 > > gpg: unchanged: 1 > > And also I downloaded the Signature of python-2.5.4.msi from the download page http://www.python.org/download/releases/2.5.4/python-2.5.4.msi.asc But when I try to verify the integrity of the downloaded Python installation package as below > D:\Python>gpg --verify python-2.5.4.msi.asc gpg: no valid OpenPGP data found. gpg: the signature could not be verified. Please remember that the signature file (.sig or .asc) should be the first file given on the command line What am I doing wrong in this process? Please help me! Varuna
-- http://mail.python.org/mailman/listinfo/python-list
