From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp0 ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms11 with LMTPS id YN6mOFCpJWC3CgAA0tVLHw (envelope-from ) for ; Thu, 11 Feb 2021 22:01:52 +0000 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp0 with LMTPS id UKKDNFCpJWD6fwAA1q6Kng (envelope-from ) for ; Thu, 11 Feb 2021 22:01:52 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 86EC59404C7 for ; Thu, 11 Feb 2021 22:01:52 +0000 (UTC) Received: from localhost ([::1]:44282 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lAK23-00086T-Gq for larch@yhetil.org; Thu, 11 Feb 2021 17:01:51 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:58664) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lAK0D-0007M3-CT for guix-devel@gnu.org; Thu, 11 Feb 2021 16:59:57 -0500 Received: from imta-35.everyone.net ([216.200.145.35]:53916 helo=imta-38.everyone.net) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lAK06-0004iO-RH; Thu, 11 Feb 2021 16:59:57 -0500 Received: from pps.filterd (m0004961.ppops.net [127.0.0.1]) by imta-38.everyone.net (8.16.0.43/8.16.0.43) with SMTP id 11BLv3l8014671; Thu, 11 Feb 2021 13:59:43 -0800 X-Eon-Originating-Account: NOjqpozTFhRYossAzsrXbN8XDonGXJjFK9RP-fSs1z4 X-Eon-Dm: m0116787.ppops.net Received: by m0116787.mta.everyone.net (EON-AUTHRELAY2 - 53b92453) id m0116787.6000aa58.2e492f; Thu, 11 Feb 2021 13:59:36 -0800 X-Eon-Sig: AQMHrIJgJajIPSjMYAIAAAAD,cef32250236642c7109c2afc67d5c64b X-Eip: AZKP65gbAM6JhH-CYCucxXO6_9IfHaPKUvogAFNBVlQ Date: Thu, 11 Feb 2021 22:59:28 +0100 From: Bengt Richter To: Ricardo Wurmus Subject: Re: GWL 0.3.0 released Message-ID: <20210211215928.GA6833@LionPure> References: <871rdsu75q.fsf@elephly.net> <87tuqj4ora.fsf@gnu.org> <20210211163735.GA3605@LionPure> <87ft22qr17.fsf@elephly.net> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <87ft22qr17.fsf@elephly.net> User-Agent: Mutt/1.10.1 (2018-07-13) X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.369, 18.0.737 definitions=2021-02-11_07:2021-02-11, 2021-02-11 signatures=0 X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 clxscore=1034 mlxlogscore=999 priorityscore=1501 adultscore=0 bulkscore=0 impostorscore=0 suspectscore=0 phishscore=0 spamscore=0 malwarescore=0 lowpriorityscore=0 mlxscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2009150000 definitions=main-2102110170 Received-SPF: pass client-ip=216.200.145.35; envelope-from=bokr@oz.net; helo=imta-38.everyone.net X-Spam_score_int: -22 X-Spam_score: -2.3 X-Spam_bar: -- X-Spam_report: (-2.3 / 5.0 requ) BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: guix-devel@gnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Development of GNU Guix and the GNU System distribution." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Bengt Richter Cc: guix-devel@gnu.org Errors-To: guix-devel-bounces+larch=yhetil.org@gnu.org Sender: "Guix-devel" X-Migadu-Flow: FLOW_IN X-Migadu-Spam-Score: -1.86 Authentication-Results: aspmx1.migadu.com; dkim=none; dmarc=none; spf=pass (aspmx1.migadu.com: domain of guix-devel-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=guix-devel-bounces@gnu.org X-Migadu-Queue-Id: 86EC59404C7 X-Spam-Score: -1.86 X-Migadu-Scanner: scn0.migadu.com X-TUID: neRBTsQ1jwUX On +2021-02-11 21:37:56 +0100, Ricardo Wurmus wrote: > > Bengt Richter writes: > > > gpg --verify gwl-0.3.0.tar.gz.sig > > gpg: assuming signed data in 'gwl-0.3.0.tar.gz' > > gpg: Signature made Sat 06 Feb 2021 09:28:59 PM CET > > gpg: using RSA key BCA689B636553801C3C62150197A5888235FACAC > > gpg: Good signature from "Ricardo Wurmus (Work) " [expired] > > gpg: aka "rekado " [expired] > > ┌──────────────────────────────────┐ > > │ gpg: Note: This key has expired! │ > > └──────────────────────────────────┘ > > You should get a fresh key from keys.openpgp.org > Its expiry is regularly extended. > Thanks for all your Fosdem/guix work first of all, but I expected --8<---------------cut here---------------start------------->8--- [17:29 ~/bs]$ gpg --keyserver keys.gnupg.net --recv-keys BCA689B636553801C3C62150197A5888235FACAC gpg: key 197A5888235FACAC: 16 signatures not checked due to missing keys ┌───────────────────────────────────────────────────────────────────────────────────────────────┐ │ gpg: key 197A5888235FACAC: "Ricardo Wurmus (Work) " not changed │ └───────────────────────────────────────────────────────────────────────────────────────────────┘ gpg: Total number processed: 1 gpg: unchanged: 1 --8<---------------cut here---------------end--------------->8--- to give me an updated key, and am left wondering why it didn't :) It seems I have a wrong default for keyserver: --8<---------------cut here---------------start------------->8--- [22:21 ~/bs]$ gpg --refresh-keys gpg: refreshing 6 keys from hkp://hkps.pool.sks-keyservers.net gpg: key 197A5888235FACAC: 14 signatures not checked due to missing keys ┌───────────────────────────────────────────────────────────────────────────────────────────────┐ │ gpg: key 197A5888235FACAC: "Ricardo Wurmus (Work) " not changed │ └───────────────────────────────────────────────────────────────────────────────────────────────┘ --8<---------------cut here---------------end--------------->8--- Maybe the original advice for getting a key should be extended with the fresh key advice above (preferably the literal gpg command line, my guess re that boxed below). This seems to do it: ┌───────────────────────────────────────────────────────────────────────────────────────┐ │ gpg --recv-keys BCA689B636553801C3C62150197A5888235FACAC --keyserver keys.openpgp.org │ └───────────────────────────────────────────────────────────────────────────────────────┘ (though my first try was "gpg --refresh-keys --keyserver keys.openpgp.org" which only found you for the keys I have). --8<---------------cut here---------------start------------->8--- [22:44 ~/bs]$ gpg --recv-keys BCA689B636553801C3C62150197A5888235FACAC --keyserver keys.openpgp.org gpg: Note: '--keyserver' is not considered an option gpg: "--keyserver" not a key ID: skipping gpg: "keys.openpgp.org" not a key ID: skipping gpg: key 197A5888235FACAC: 16 signatures not checked due to missing keys gpg: key 197A5888235FACAC: "Ricardo Wurmus (Work) " not changed gpg: Total number processed: 1 gpg: unchanged: 1 --8<---------------cut here---------------end--------------->8--- Now gpg --verify works \o/ :) > > Ricardo -- Regards, Bengt Richter