Okay, nevermind, I got it verified from the command line. Thanks guys!
I am using GPG Tools for Mac, and I think its "Verify" command from the Finder
context menu tried to parse the digests file as a list of signatures - the
output looks like it was verifying the ISO, not the digests file itself
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 2017-01-11 20:14, raahe...@gmail.com wrote:
> worked for me
>
> gpg -v --verify Qubes-R3.2-x86_64.iso.DIGESTS
> gpg: armor header: Hash: SHA256
> gpg: armor header: Version: GnuPG v2
> gpg: original file name=''
> gpg: Signature made Tue 20 Sep
worked for me
gpg -v --verify Qubes-R3.2-x86_64.iso.DIGESTS
gpg: armor header: Hash: SHA256
gpg: armor header: Version: GnuPG v2
gpg: original file name=''
gpg: Signature made Tue 20 Sep 2016 01:37:03 PM EDT using RSA key ID 03FA5082
gpg: using PGP trust model
gpg: Good signature from "Qubes OS
