[clamav-users] GPG key verification please
Andrew McGlashan
andrew.mcglashan at affinityvision.com.au
Thu Mar 24 07:29:33 UTC 2016
Hi,
Can someone 'official' please verify the GPG key used for signing files?
gpg --verify clamwin-0.99-setup.exe.asc clamwin-0.99-setup.exe
gpg: Signature made 01/17/16 14:36:59 AUS Eastern Daylight Time using
DSA key ID 8CC6DDB4
gpg: Good signature from "ClamWin Free Antivirus Software Distribution
(For signing ClamWin Free Antivirus source code and binaries)
<clamwin at clamwin.com>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the
owner.
Primary key fingerprint: DF56 551A 55CD E5A6 DEC6 1847 0839 CC71 8CC6 DDB4
gpg --list-sigs --keyid-format long --fingerprint --fingerprint clamwin
pub 1024D/0839CC718CC6DDB4 2005-06-09
Key fingerprint = DF56 551A 55CD E5A6 DEC6 1847 0839 CC71 8CC6 DDB4
uid [ unknown] ClamWin Free Antivirus Software
Distribution (For signing ClamWin Free Antivirus source code and
binaries) <clamwin at clamwin.com>
sig 3 0839CC718CC6DDB4 2005-06-09 ClamWin Free Antivirus
Software Distribution (For signing ClamWin Free Antivirus source code
and binaries) <clamwin at clamwin.com>
sub 2048g/98E5FBFAE4BADE44 2005-06-09
Key fingerprint = 272E 7BE7 8A8C 513D 1E3A C9CF 98E5 FBFA E4BA DE44
sig 0839CC718CC6DDB4 2005-06-09 ClamWin Free Antivirus
Software Distribution (For signing ClamWin Free Antivirus source code
and binaries) <clamwin at clamwin.com>
Also, is it feasible to get the Windows EXE files signed with a suitable
digital certificate so as to be a double check?
And.... 1024 bit keys are very small, perhaps you need to do an update.
Kind Regards
AndrewM
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <https://lists.clamav.net/pipermail/clamav-users/attachments/20160324/5a80e707/attachment.sig>
More information about the clamav-users
mailing list