[Bug 1767317] New: GPG Verification of Fedora 31 download is not
possible
by bugzilla@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1767317
Bug ID: 1767317
Summary: GPG Verification of Fedora 31 download is not possible
Product: Fedora Documentation
Version: devel
Status: NEW
Component: security-guide
Assignee: pbokoc(a)redhat.com
Reporter: xwarman(a)posteo.de
QA Contact: docs-qa(a)lists.fedoraproject.org
CC: pkennedy(a)redhat.com, security-guide-list(a)redhat.com,
sparks(a)redhat.com, zach(a)oglesby.co
Target Milestone: ---
Classification: Fedora
Description of problem:
I tried to verify download of FEDORA 31 with GPG as described here:
https://getfedora.org/security/ (German Version)
If I download GPG Keys, Fedora 31 is not known:
"gpg: Schlüssel E08E7E629DB62FB1: "Fedora 28 (28)
<fedora-28(a)fedoraproject.org>" nicht geändert
gpg: Schlüssel A20AA56B429476B4: "Fedora 29 (29) <fedora-29(a)fedoraproject.org>"
nicht geändert
gpg: Schlüssel EF3C111FCFC659B9: "Fedora (30)
<fedora-30-primary(a)fedoraproject.org>" nicht geändert
gpg: Schlüssel 3B49DF2A0608B895: "EPEL (6) <epel(a)fedoraproject.org>" nicht
geändert
gpg: Schlüssel 6A2FAEA2352C64E5: "Fedora EPEL (7) <epel(a)fedoraproject.org>"
nicht geändert
gpg: Schlüssel 7BB90722DBBDCF7C: "Fedora (iot 2019)
<fedora-iot-2019(a)fedoraproject.org>" nicht geändert
gpg: Anzahl insgesamt bearbeiteter Schlüssel: 6"
So, I cannot verify the checksum file:
gpg --verify-files Fedora-Workstation-31-1.9-x86_64-CHECKSUM
gpg: Signatur vom Fr 25 Okt 2019 15:09:48 CEST
gpg: mittels RSA-Schlüssel 50CB390B3C3359C4
gpg: Signatur kann nicht geprüft werden: Kein öffentlicher Schlüssel
Also, if I try to use fingerprint:
gpg2 --fingerprint 4096R/3C3359C4 2019-02-18
gpg: error reading key: Kein öffentlicher Schlüssel
Actual results:
No pub key for fedora 31 download found.
Expected results:
Successful verfification with gpg
Additional info:
German language version of documentation
--
You are receiving this mail because:
You are the QA Contact for the bug.
4 years, 6 months