Andrew David Wong:
> On 2016-09-16 04:41, amadaus wrote:
>> I have downloaded Qubes R3.2-rc3 iso and in the course of verifying
>> signatures received the following output:
>> [user@rubbish ~]$ gpg -v --verify
>> '/home/user/Downloads/Qubes-R3.2-rc3-x86_64.iso.asc'
>> '/home/user/Downloads/Qubes-R3.2-rc3-x86_64.iso'
>> gpg: armor header: Version: GnuPG v2
>> gpg: Signature made Wed 31 Aug 2016 01:08:18 PM BST using RSA key ID
>> 03FA5082
>> gpg: using PGP trust model
>> gpg: Good signature from "Qubes OS Release 3 Signing Key"
>> gpg: binary signature, digest algorithm SHA256
>> [user@rubbish ~]$ gpg --list-sig 03FA5082
>> pub   4096R/03FA5082 2014-11-19
>> uid                  Qubes OS Release 3 Signing Key
>> sig          36879494 2014-11-19  Qubes Master Signing Key
>> sig 3        E2986940 2016-01-04  [User ID not found]
>> sig 3        03FA5082 2014-11-19  Qubes OS Release 3 Signing Key
>> As you can see signature E2986940 is unknown. I imported this key, it
>> belongs to "Kabine Diane <>"
>> This seems very suspicious. Should I delete the iso and try a fresh
>> download?
> Answered previously here:
Sorry to waste your time. I should've researched the issue more
thoroughly before posting

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
To post to this group, send email to
To view this discussion on the web visit
For more options, visit

Reply via email to