unavailable gpg key
Jeff Johnson
n3npq at mac.com
Sun Sep 3 06:09:34 PDT 2006
On Sep 3, 2006, at 8:57 AM, Richard Hendershot wrote:
> so he needs to download the packages locally and delkey on them
> then update with them?
>
Basically. If the packages are remote, you might look around for the
pubkey on the site. It's kinda nutty to sign packages in a repo with
an unavailable pubkey.
> I tried getting smart to tell me more about fingerprint but... so
> what is that for?
>
The fingerprint of a gpg pubkey is the md5/sha1 (for v3 or v4
pubkeys) of
the pubkey parameters necessary to verify a signature. A fingerprint is
used as a retrieval key as well as being used to insure that the
parameters
have not been tampered with. I.e. if any parameter is changed, there
will
be a different fingerprint.
Usually only the least significant 32 bits are mentioned as a
fingerprint,
but a full blown fingerprint is 64 bits.
73 de Jeff
More information about the Smart
mailing list