unofficial mirror of help-guix@gnu.org 
 help / color / mirror / Atom feed
From: Efraim Flashner <efraim@flashner.co.il>
To: Evan Rowley <rowley.evan@gmail.com>
Cc: help-guix@gnu.org
Subject: Re: GPG warning when installing on Debian 9
Date: Mon, 22 Jan 2018 21:31:37 +0200	[thread overview]
Message-ID: <20180122193137.GA16202@macbook41> (raw)
In-Reply-To: <CAMhuX2AYsTET_u09Bu7XuBz0fdM-09cJi6J31p6PbFXcOsjjPg@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2675 bytes --]

On Mon, Jan 22, 2018 at 01:32:39PM -0500, Evan Rowley wrote:
> Hi All,
> 
> When attempting to install on Debian 9, the following was shown. I just
> wanted to ask here if this was the expected output.
> 
> evan@c32foss:~$ gpg --verify guix-binary-0.14.0.x86_64-linux.tar.xz.sig
> gpg: assuming signed data in 'guix-binary-0.14.0.x86_64-linux.tar.xz'
> gpg: Signature made Thu 07 Dec 2017 03:30:08 AM EST
> gpg:                using RSA key 3CE464558A84FDC69DB40CFB090B11993D9AEBB5
> gpg: Good signature from "Ludovic Courtès <ludo@gnu.org>" [unknown]
> gpg:                 aka "Ludovic Courtès <ludo@chbouib.org>" [unknown]
> gpg:                 aka "Ludovic Courtès (Inria) <ludovic.courtes@inria.fr>"
> [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
> 
> The 2nd & 3rd to last lines seem somewhat concerning. This is the message I
> recieve even after following the step to add the public key from the MIT
> server.
> 
> Steps I am referring to are here:
> https://www.gnu.org/software/guix/manual/html_node/Binary-Installation.html#Binary-Installation
> 

efraim@macbook41 ~$ gpg -k 3CE464558A84FDC69DB40CFB090B11993D9AEBB5
pub   rsa4096/0x090B11993D9AEBB5 2014-08-11 [SC] [expires: 2018-04-23]
      Key fingerprint = 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
uid                   [  full  ] Ludovic Courtès <ludo@gnu.org>
uid                   [  full  ] Ludovic Courtès <ludo@chbouib.org>
uid                   [  full  ] Ludovic Courtès (Inria) <ludovic.courtes@inria.fr>
sub   rsa4096/0x2C27F831C135697E 2014-08-11 [E]

the [unknown] just means that there's no trust path between keys that
you've signed and Ludovic's key. The WARNING is just gpg's way of
displaying that information.

If it were bad it'd look more like this:
(ins)efraim@macbook41 ~$ gpg --detach-sign gpl-3.0.txt
gpg: using "CA3D8351" as default secret key for signing
(ins)efraim@macbook41 ~$ mv gpl-3.0.txt.sig farm.blend.sig
(ins)efraim@macbook41 ~$ gpg --verify farm.blend.sig
gpg: assuming signed data in 'farm.blend'
gpg: Signature made Mon 22 Jan 2018 09:30:43 PM IST
gpg:                using RSA key A28BF40C3E551372662D14F741AAE7DCCA3D8351
gpg: BAD signature from "Efraim Flashner <efraim@flashner.co.il>" [ultimate]

-- 
Efraim Flashner   <efraim@flashner.co.il>   אפרים פלשנר
GPG key = A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

  reply	other threads:[~2018-01-22 19:33 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-01-22 18:32 GPG warning when installing on Debian 9 Evan Rowley
2018-01-22 19:31 ` Efraim Flashner [this message]
2018-01-22 19:41 ` Andreas Enge

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

  List information: https://guix.gnu.org/

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180122193137.GA16202@macbook41 \
    --to=efraim@flashner.co.il \
    --cc=help-guix@gnu.org \
    --cc=rowley.evan@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).