subject:"Release signatures"

Re: Release signatures

2019-02-11 Thread Carl Worth

On Sun, Feb 10 2019, David Bremner wrote: > Adam Majer writes: >> The releases are signed in a funny way. The .asc file are not detached >> signatures of the checksum, but actually contain it inside the .asc file. >> >> # gpg -v --verify notmuch-0.28.1.tar.gz.sha256.asc >> ... >> gpg: binary

Re: Release signatures

2019-02-10 Thread David Bremner

Adam Majer writes: > Hello, > > The releases are signed in a funny way. The .asc file are not detached > signatures of the checksum, but actually contain it inside the .asc file. > > # gpg -v --verify notmuch-0.28.1.tar.gz.sha256.asc > ... > gpg: binary signature, digest algorithm SHA256, key

Release signatures

2019-02-07 Thread Adam Majer

Hello, The releases are signed in a funny way. The .asc file are not detached signatures of the checksum, but actually contain it inside the .asc file. # gpg -v --verify notmuch-0.28.1.tar.gz.sha256.asc ... gpg: binary signature, digest algorithm SHA256, key algorithm rsa3072 gpg: WARNING: not a