|
Boost Users : |
From: David P. Riedel (driedel_at_[hidden])
Date: 2019-12-16 21:09:59
On 12/16/19 3:55 PM, Rene Rivera via Boost-users wrote:
> On Mon, Dec 16, 2019 at 12:39 PM David P. Riedel via Boost-users
> <boost-users_at_[hidden] <mailto:boost-users_at_[hidden]>> wrote:
>
> On 12/16/19 1:08 PM, Good Guy via Boost-users wrote:
> > On 16/12/2019 17:15, David P. Riedel via Boost-users wrote:
> >> Hi
> >>
> >> I'm trying to find the boost public pgp key so I can validate the
> >> release archive against its signature file.
> >>
> >> But I can't find where to import the public key from or what it is
> >> called.
> >>
> >> Thanks for any help.
> > Where are you downloading from? I have seen asc files at this link:
> >
> > <https://dl.bintray.com/boostorg/release/1.72.0/source/>
> >
> >
> >
> Yes, I've downloaded the .7z archive and the .7z.asc signature file
>
> But when I do:Â gpg --verify using the signature and archive file
> names,
> gpg says it can't because I don't have the public key, hence my
> question.
>
>
> The archives are signed against the Bintray general key. I don't have a
> link handy to it ATM though.
>
> --
> -- Rene Rivera
> -- Grafik - Don't Assume Anything
> -- Robot Dreams - http://robot-dreams.net <http://robot-dreams.net/>
>
>
> _______________________________________________
> Boost-users mailing list
> Boost-users_at_[hidden]
> https://lists.boost.org/mailman/listinfo.cgi/boost-users
>
Thanks! the gpg --verify command which failed said the archive was
signed using RSA key 379CE192D401AB61. I tried a gpg --search-keys with
that ID and found the Bintray entry which I could then import. gpg
--verify then did complain that the imported key was untrusted so there
must be some additional step needed for this to be useful.
Boost-users list run by williamkempf at hotmail.com, kalb at libertysoft.com, bjorn.karlsson at readsoft.com, gregod at cs.rpi.edu, wekempf at cox.net