[kde-doc-english] Kleopatra signature validation question

Michael Cline clinemi at msn.com
Sun Feb 5 01:17:00 UTC 2012


Team, I am new to Kleopatra and OPenPGP in general. I was downloading Apache Ant from the apache website in prep for using Google Web Tools. It said it would be a good idea if I used PGP (or GPG) to validate the signature on the downloaded files. So I found GPG4win, and installed it, and I have been trying to use Kleopatra to verify the signature(s) on the files. So I imported the keys from the apache website.
http://www.apache.org/dist/ant/KEYS

and tried to validate the signature on the zip file.

http://www.apache.org/dist/ant/binaries/apache-ant-1.8.2-bin.zip.asc
http://www.apache.org/dist/ant/binaries/apache-ant-1.8.2-bin.zip
Every time I try to do this it gives me a "Not enough information to check signature validity" message - with reference to the following signature: 
2010-12-20 12:50 by antoine at apache.org (Key ID: 0x82A7FBCD)
However, when I look this signature up using the "Lookup Certificates on Server" button, or when using an independent website, it looks like a valid signature. Am I doing something wrong? This doesn't make sense to me. Do I need to do something else, or is this an invalid signature?
--ThanksMike Cline

 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-doc-english/attachments/20120204/1beb2a17/attachment.html>


More information about the kde-doc-english mailing list