[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] SUSE Security Announcement: gpg signature checking problems (SUSE-SA:2006:014)



> ....
>       gpg: Signature made <DATE> using RSA key ID 3D25D3D9
>       gpg: Good signature from "SuSE Security Team <security@xxxxxxx>"
> 
>     where <DATE> is replaced by the date the document was signed.
> 
>     If the security team's key is not contained in your key ring, you can
>     import it from the first installation CD. To import the key, use the
>     command
> 
>       gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
> 
>   ....

Is the SuSE security team's public key broken on <http://pgp.mit.edu>?

I went there, downloaded
<http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x3D25D3D9> to (say
for brevity) file.pubkey, and then ran

gpg --import file.pubkey

This returned with:

gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

Actually, I did all this twice, including downloading, with the same
result each time.  Using gpg2 yeilded the same.  What's the deal?

-- 
"This world ain't big enough for the both of us,"
said the big noema to the little noema.


-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here