[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [sysvinit-devel] Sysvinit-devel Digest, Vol 50, Issue 2
|
From: |
Jesse Smith |
|
Subject: |
Re: [sysvinit-devel] Sysvinit-devel Digest, Vol 50, Issue 2 |
|
Date: |
Sat, 14 Apr 2018 13:30:07 -0300 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 |
> Is there some way that public key can be obtained?
>
Hi Brett. Normally the key would be available through MIT's public key
server, but I just checked and it appears to be off-line. Or at least I
cannot find any keys through their web portal. This may be why gpg is
not finding the signing key.
I have uploaded the public verification key to the Svannah SysV download
folder. The file (sysvinit-verification-key.pub) is in the same
directory now as the signature file and tarball. Normally it's not ideal
to verify a key from the same location as where you got the signature,
but since the public key server seems to be down this is our next best
option.
As an extra layer of defence I'll add that the tarball for sysvinit-2.89
should have an MD5 checksum of 6a2e0776a9a3e29264ddec738ef0031c
Hopefully those two bits of information, combined, will verify that the
file is legitimate.
Jesse
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [sysvinit-devel] Sysvinit-devel Digest, Vol 50, Issue 2,
Jesse Smith <=