Thanks All

But again, verifying the signature on windows doesn't seem to instill confidence at all
Corvwin  doesnt have a certified key
I am not a certificate expert, so I dont know how all of this works

So,  I still hope Corwin or the Windows Binaries volunteers will still be able to provide
SHA-256 hashes

PS C:\downloads> C:\"Program Files (x86)"\GnuPG\bin\gpg --keyserver keyserver.ubuntu.com --recv-keys ECE77CF417C76C1ACFCE7C2B5B6135511580F007
gpg: key 5B6135511580F007: public key "Corwin Brust <corwin@bru.st>" imported
gpg: Total number processed: 1
gpg:               imported: 1

PS C:\downloads> C:\"Program Files (x86)"\GnuPG\bin\gpg --verify .\emacs-28.1.zip.sig
gpg: assuming signed data in '.\emacs-28.1.zip'
gpg: Signature made 2022-04-21 4:11:30 PM Eastern Daylight Time
gpg:                using RSA key ECE77CF417C76C1ACFCE7C2B5B6135511580F007
gpg: Good signature from "Corwin Brust <corwin@bru.st>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: ECE7 7CF4 17C7 6C1A CFCE  7C2B 5B61 3551 1580 F007


Regards
Ali
________________________________
From: Eli Zaretskii <eliz@gnu.org>
Sent: May 28, 2022 3:06 PM
To: Ali Elshishini <shishini@outlook.com>
Cc: corwin@bru.st <corwin@bru.st>; larsi@gnus.org <larsi@gnus.org>; 55666@debbugs.gnu.org <55666@debbugs.gnu.org>
Subject: Re: bug#55666: enhancement request - SHA-256 for emacs downloads

> From: Ali Elshishini <shishini@outlook.com>
> CC: "larsi@gnus.org" <larsi@gnus.org>, "55666@debbugs.gnu.org"
>        <55666@debbugs.gnu.org>
> Date: Sat, 28 May 2022 17:14:26 +0000
>
> Also can you please share your version of this command
>
> gpg --keyserver keyserver.ubuntu.com --recv-keys 17E90D521672C04631B1183EE78DAE0F3115E06B

That's easy: you need to use the correct key signature.  The signature
is shown on the download page:

   ECE7 7CF4 17C7 6C1A CFCE 7C2B 5B61 3551 1580 F007