Il giorno 22/ago/2013 16:57, "Richard Mauger"
<rmauger.util(a)virginmedia.com>
ha scritto:
Hello
On the Verify your ISO Download page
(
https://fedoraproject.org/en/verify) you have a link to Fedora's GPG
keys (curl
https://fedoraproject.org/static/fedora.gpg | gpg --import).
I have run this curl statement today and this is the output:
curl
https://fedoraproject.org/static/fedora.gpg | gpg --import
% Total % Received % Xferd Average Speed Time Time Time
Current
Dload Upload Total Spent Left
Speed
100 5363 100 5363 0 0 6195 0 --:--:-- --:--:-- --:--:--
6192
gpg: key 4B94091B: public key "Fedora Secondary (19)
<fedora(a)fedoraproject.org>" imported
gpg: key 246110C1: public key "Fedora (20) <fedora(a)fedoraproject.org>"
imported
gpg: Total number processed: 2
gpg: imported: 2 (RSA: 2)
Running gpg --list-keys then gives:
/xx/.gnupg/pubring.gpg
------------------------
pub 4096R/4B94091B 2013-06-19
uid Fedora Secondary (19) <fedora(a)fedoraproject.org>
sub 4096g/793BFD4D 2013-06-19
pub 4096R/246110C1 2013-05-16
uid Fedora (20) <fedora(a)fedoraproject.org>
Please correct me if I'm wrong, but I had assumed that the .gpg file at
fedoraproject.org/static should load more than two signatures. Also, the
Fedora Secondary (19) signature looks incorrect. Am I missing something
obvious here, or is there an issue with this link.
Thanks
Richard Mauger
--
websites mailing list
websites(a)lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/websites
Hello Richard,
you are perfectly right, thank you for your report. I will fix it as soon
as I get in front of my PC, in a few hours.
Greetings
--
Robert Mayr
(robyduck)