Hi, u...@ubuntu:~$ gpg --import id_public_key.asc gpg: key 79A9F115: "Immunity Debugger (Immunity Debugger Sign Key) <immunitydebug...@immunityinc.com>" not changed gpg: key 54BF70F2: "Immunity Debugger (Immunity Inc.) <immunitydebug...@immunityinc.com>" not changed gpg: Total number processed: 2 gpg: unchanged: 2
u...@ubuntu:~$ gpg --verify ImmunityDebugger_1_80_setup.exe.sig ImmunityDebugger_1_80_setup.exe gpg: Signature made Tuesday 07 December 2010 03:07:31 AM IST using DSA key ID 54BF70F2 gpg: Good signature from "Immunity Debugger (Immunity Inc.) <immunitydebug...@immunityinc.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 6E32 9351 3A61 5274 6FBF 8273 ABCA 792D 54BF 70F2 u...@ubuntu:~$ Is this the proper way of checking the integrity of application with .sig and public key files? Sorry if it sounds a silly question, but this is the first time I'm dealing with .sig file instead of md5/sha1 hashes. -- Thanks, Sagar Belure _______________________________________________ Ilugd mailing list Ilugd@lists.linux-delhi.org http://frodo.hserus.net/mailman/listinfo/ilugd