Quantcast

Request for better instructions on verifying IDEA source signatures

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Request for better instructions on verifying IDEA source signatures

smu johnson
Hi,

I've been experimenting with the IDEA cipher 3rd party plugin files, and I keep reading about how I should verify their signatures.

Unfortunately, the help provided by the GnuPG page for that is useless.  Sure, I get the .sig files, but nowhere, not even on the FTP site itself can I find the public keys to verify the signature.

I started surfing around the GnuPG pages and read that I could find a communal verifying key in the GnuPG\doc directory, but I don't see anything in my Mingw32 installation.  And the key provided in armored ascii format does not match the signature.  Great!

My argument:  I think this is bad for getting people used to doing things right, as actually doing the safe thing has become a wild-goose chase for me.  This by no-means encourages anyone to follow proper safety protocol if the suggestion to verify the IDEA code is impossible or extremely difficult, in this instance.

Thank you for reading.


--
smu johnson <[hidden email]>


_______________________________________________
Gnupg-doc mailing list
[hidden email]
http://lists.gnupg.org/mailman/listinfo/gnupg-doc
Loading...