From mboxrd@z Thu Jan  1 00:00:00 1970
From: Efraim Flashner <efraim@flashner.co.il>
Subject: Re: GPG warning when installing on Debian 9
Date: Mon, 22 Jan 2018 21:31:37 +0200
Message-ID: <20180122193137.GA16202@macbook41>
References: <CAMhuX2AYsTET_u09Bu7XuBz0fdM-09cJi6J31p6PbFXcOsjjPg@mail.gmail.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="Dxnq1zWXvFF0Q93v"
Return-path: <help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:38303)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <efraim@flashner.co.il>) id 1edhpQ-0002SU-1h
	for help-guix@gnu.org; Mon, 22 Jan 2018 14:33:42 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <efraim@flashner.co.il>) id 1edhoh-0003qn-SA
	for help-guix@gnu.org; Mon, 22 Jan 2018 14:32:24 -0500
Received: from flashner.co.il ([178.62.234.194]:40554)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <efraim@flashner.co.il>) id 1edhoh-0003p0-9c
	for help-guix@gnu.org; Mon, 22 Jan 2018 14:31:39 -0500
Content-Disposition: inline
In-Reply-To: <CAMhuX2AYsTET_u09Bu7XuBz0fdM-09cJi6J31p6PbFXcOsjjPg@mail.gmail.com>
List-Id: <help-guix.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-guix>,
	<mailto:help-guix-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/help-guix/>
List-Post: <mailto:help-guix@gnu.org>
List-Help: <mailto:help-guix-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-guix>,
	<mailto:help-guix-request@gnu.org?subject=subscribe>
Errors-To: help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org
Sender: "Help-Guix" <help-guix-bounces+gcggh-help-guix=m.gmane.org@gnu.org>
To: Evan Rowley <rowley.evan@gmail.com>
Cc: help-guix@gnu.org


--Dxnq1zWXvFF0Q93v
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Mon, Jan 22, 2018 at 01:32:39PM -0500, Evan Rowley wrote:
> Hi All,
>=20
> When attempting to install on Debian 9, the following was shown. I just
> wanted to ask here if this was the expected output.
>=20
> evan@c32foss:~$ gpg --verify guix-binary-0.14.0.x86_64-linux.tar.xz.sig
> gpg: assuming signed data in 'guix-binary-0.14.0.x86_64-linux.tar.xz'
> gpg: Signature made Thu 07 Dec 2017 03:30:08 AM EST
> gpg:                using RSA key 3CE464558A84FDC69DB40CFB090B11993D9AEBB5
> gpg: Good signature from "Ludovic Court=C3=A8s <ludo@gnu.org>" [unknown]
> gpg:                 aka "Ludovic Court=C3=A8s <ludo@chbouib.org>" [unkno=
wn]
> gpg:                 aka "Ludovic Court=C3=A8s (Inria) <ludovic.courtes@i=
nria.fr>"
> [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EB=
B5
>=20
> The 2nd & 3rd to last lines seem somewhat concerning. This is the message=
 I
> recieve even after following the step to add the public key from the MIT
> server.
>=20
> Steps I am referring to are here:
> https://www.gnu.org/software/guix/manual/html_node/Binary-Installation.ht=
ml#Binary-Installation
>=20

efraim@macbook41 ~$ gpg -k 3CE464558A84FDC69DB40CFB090B11993D9AEBB5
pub   rsa4096/0x090B11993D9AEBB5 2014-08-11 [SC] [expires: 2018-04-23]
      Key fingerprint =3D 3CE4 6455 8A84 FDC6 9DB4  0CFB 090B 1199 3D9A EBB5
uid                   [  full  ] Ludovic Court=C3=A8s <ludo@gnu.org>
uid                   [  full  ] Ludovic Court=C3=A8s <ludo@chbouib.org>
uid                   [  full  ] Ludovic Court=C3=A8s (Inria) <ludovic.cour=
tes@inria.fr>
sub   rsa4096/0x2C27F831C135697E 2014-08-11 [E]

the [unknown] just means that there's no trust path between keys that
you've signed and Ludovic's key. The WARNING is just gpg's way of
displaying that information.

If it were bad it'd look more like this:
(ins)efraim@macbook41 ~$ gpg --detach-sign gpl-3.0.txt
gpg: using "CA3D8351" as default secret key for signing
(ins)efraim@macbook41 ~$ mv gpl-3.0.txt.sig farm.blend.sig
(ins)efraim@macbook41 ~$ gpg --verify farm.blend.sig
gpg: assuming signed data in 'farm.blend'
gpg: Signature made Mon 22 Jan 2018 09:30:43 PM IST
gpg:                using RSA key A28BF40C3E551372662D14F741AAE7DCCA3D8351
gpg: BAD signature from "Efraim Flashner <efraim@flashner.co.il>" [ultimate]

--=20
Efraim Flashner   <efraim@flashner.co.il>   =D7=90=D7=A4=D7=A8=D7=99=D7=9D =
=D7=A4=D7=9C=D7=A9=D7=A0=D7=A8
GPG key =3D A28B F40C 3E55 1372 662D  14F7 41AA E7DC CA3D 8351
Confidentiality cannot be guaranteed on emails sent or received unencrypted

--Dxnq1zWXvFF0Q93v
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEoov0DD5VE3JmLRT3Qarn3Mo9g1EFAlpmPBkACgkQQarn3Mo9
g1EMOA/+MCfunSWHNgrwsgUECAkvT7ucKMUTWDrMSjkYeMhcmOig755TSG/W5w4X
MrgRpiTL/afiikutC+huIKRAF9hunv9T0RDUH3oSEB/Mx4oJyAjz/afG76FhuY55
uB+bOk3UDAyvz/2oa5aAF8Z0BlVwJ1j/BiPagv4wbdYGgIx+2FUQffX1u7iJQEn/
nKdxGVc1kq1IDUbm9XeVlRTMixPbfE/juTPqAcRrGJU7h3dCnvhdgqtrziU8KG5k
t6uXhqKKEJVXctgs7K5WWaIg7kFvz7YlWMGNmm5qkyDHElt8WGGJZBLBnWPbz1BN
iLHE5xFZ19SoIegBvMYkIoeA1a7Fb80Yp/ZLrEg9x77wfQ3iNTl9J/bsf0+EpCE2
QEvJ+kI8+r7abwfC7QKJfy6P6h27FiSYNW+ZWiQSRrwPXNZ/6svIlOIbT1Tqe+pq
EH602AfYZPtUnOmDkm3zT9fn1atrLAFU5Sl8eULrv1JKXLFbfAMZJiKjowCTXlVv
LCWTe5QMCLtP1PDvLplUUOczeEKbjGtLbaEjpV+PWudWTw83QaIksXCxgsqDazPH
H5LirT8KtxxQ3lieLCGPbRHLCBnuEfn76pWzJR76NKk99QfZyvGuRY5twtlGLK7G
Yft5dR/bOKQv6yDdCUIw+3aBiZDXfQuoZ1r2lKZWHJ8mdhrhQi4=
=rOzG
-----END PGP SIGNATURE-----

--Dxnq1zWXvFF0Q93v--