[Tails-support] Problems (not sure) certifying the Tails signing key, verifying ISO

Wed, 08 Jun 2016 13:15:05 -0700

The step "Certify the Tails signing key with your own key" produces confusing output: 

   $ gpg --lsign-key A490D0F4D311A4153E2BB7CADBB802B258ACD84F

   pub  4096R/58ACD84F  created: 2015-01-18  expires: 2017-01-11 usage: C
                         trust: unknown       validity: unknown
   sub  4096R/752A3DB6  created: 2015-01-18  expires: 2017-01-11 usage: S
   sub  4096R/2F699C56  created: 2015-01-18  expires: 2017-01-11 usage: S
   This key was revoked on 2015-10-29 by RSA key 58ACD84F Tails
   developers (offline long-term identity key) <[email protected]>
   sub  4096R/56987A65  created: 2015-01-18  revoked: 2015-10-29 usage: S
   [ unknown] (1). Tails developers (offline long-term identity key)
   <[email protected]>
   [ unknown] (2)  Tails developers <[email protected]>

   Really sign all user IDs? (y/N)

Please advise how to proceed.
The default answer (N) drops me to a gpg prompt with the hint "Select the user IDs to sign". (How? My best guess is "2", then "save".) 
The other answer (y) gets the response:

   gpg: no default secret key: secret key not available

   Key not changed so no update needed.

Is this a warning, a failure, or OK?
The verification step contains "Good signature". Is that unconditionally good? I get a warning that might be related to the certification failure, if it is a failure. I can't tell. 

   $ gpg --keyid-format 0xlong --verify tails-i386-2.4.iso.sig
   tails-i386-2.4.iso
   gpg: Signature made Mon 06 Jun 2016 04:32:28 PM EDT
   gpg:                using RSA key 0x98FEC6BC752A3DB6
   gpg: Good signature from "Tails developers (offline long-term
   identity key) <[email protected]>"
   gpg:                 aka "Tails developers <[email protected]>"
   gpg: WARNING: This key is not certified with a trusted signature!
   gpg:          There is no indication that the signature belongs to
   the owner.
   Primary key fingerprint: A490 D0F4 D311 A415 3E2B  B7CA DBB8 02B2
   58AC D84F
         Subkey fingerprint: BA2C 222F 44AC 00ED 9899  3893 98FE C6BC
   752A 3DB6

Thanks.
_______________________________________________
tails-support mailing list
[email protected]
https://mailman.boum.org/listinfo/tails-support
To unsubscribe from this list, send an empty email to 
[email protected].

Reply via email to