Mercurial > p > roundup > code
comparison doc/security.txt @ 8370:58a1b4051a57
doc: update/clarify verifcation directions.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Fri, 11 Jul 2025 22:26:46 -0400 |
| parents | 4ac0bbb3e440 |
| children | c7a2e01793cd |
comparison
equal
deleted
inserted
replaced
| 8369:b0539a19ca65 | 8370:58a1b4051a57 |
|---|---|
| 162 gpg: Good signature from "Roundup Team (signing key for roundup releases) <roundup-devel at lists.sourceforge.net>" [unknown] | 162 gpg: Good signature from "Roundup Team (signing key for roundup releases) <roundup-devel at lists.sourceforge.net>" [unknown] |
| 163 gpg: WARNING: This key is not certified with a trusted signature! | 163 gpg: WARNING: This key is not certified with a trusted signature! |
| 164 gpg: There is no indication that the signature belongs to the owner. | 164 gpg: There is no indication that the signature belongs to the owner. |
| 165 Primary key fingerprint: 411E 354B 5D1A F261 25D6 2122 1F2D D0CB 756A 76D8 | 165 Primary key fingerprint: 411E 354B 5D1A F261 25D6 2122 1F2D D0CB 756A 76D8 |
| 166 | 166 |
| 167 which verifies the tarball integrity. The WARNING is expected and the | 167 which verifies the tarball integrity. The WARNING is expected. |
| 168 date corresponds to the newest renewal of the Roundup key. As long as | 168 The date should be close to the release date of the version of Roundup. |
| 169 you see the output starting with "Good signature from" followed by the | 169 As long as you see the output starting with "Good signature from" |
| 170 Key Info for your key, everything is OK. | 170 followed by the Key Info above, everything is OK. |
| 171 | 171 |
| 172 If something is wrong you will see:: | 172 If something is wrong you will see:: |
| 173 | 173 |
| 174 gpg: Signature made Wed 13 Jul 2022 12:24:14 AM EDT | 174 gpg: Signature made Wed 13 Jul 2022 12:24:14 AM EDT |
| 175 gpg: using RSA key 411E354B5D1AF26125D621221F2DD0CB756A76D8 | 175 gpg: using RSA key 411E354B5D1AF26125D621221F2DD0CB756A76D8 |