On Mon, Jan 01, 2018 at 08:44:22AM -0800, Kyle Breneman wrote: > I have successfully verified the fingerprint for the Qubes Master Signing > Key. I have verified the Release 3 ISO signature using the Qubes Release 3 > Signing Key. How do I verify that the Release 3 signing key is good? Do I > somehow use the Qubes Master Signing Key to verify the authenticity of the > Release 3 Signing Key? If so, please explain how to do this with gpg4win? > Thanks! >
In gpg4win you can do this by importing the certificates in kleopatra. Then double-click on the R3 certificate to see the certificate details. Go to the User-IDs and Certifications tab, click on "Obtain authentications" and you should see that the R3 certificate is signed by the Master Signing Key(certificate). -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180103012404.umsmogthcdo6qtsy%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.