Trying to verify kernel source per the page at
http://www.kernel.org/signature.html, but run into this:
-----
# gpg --verify linux-2.2.13.tar.bz2.sign linux-2.2.13.tar.bz2
gpg: Signature made Tue Oct 19 19:41:47 1999 CDT using DSA key ID 1E1A8782
gpg: Good signature from "Linux Kernel Archives Verification Key
<[EMAIL PROTECTED]>"
Could not find a valid trust path to the key. Let's see whether we
can assign some missing owner trust values.
No path leading to one of our keys found.
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
gpg: Fingerprint: 9DB4 C3A4 EF2A 3111 9072 82F3 F2A5 75DC 1E1A 8782
-----
I've imported the key on the web page:
-----
# gpg --list-keys
/root/.gnupg/pubring.gpg
------------------------
pub 1024D/1E1A8782 1999-10-05 Linux Kernel Archives Verification Key
<[EMAIL PROTECTED]>
sub 2048g/BF890930 1999-10-05
-----
Should I be concerned with the warning message?
TIA
--rgiles
---------------------------------------------------------------------------
Send administrative requests to [EMAIL PROTECTED]
