GNU bug report logs - #11247
A missing public key.

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: fly797 <at> gmail.com
Subject: bug#11247: closed (Fwd: [gnu.org #745158] Missing public key)
Date: Sat, 21 Apr 2012 01:52:01 +0000

[Message part 1 (text/plain, inline)]

Your bug report

#11247: A missing public key.

which was filed against the emacs package, has been closed.

The explanation is attached below, along with your original report.
If you require more details, please reply to 11247 <at> debbugs.gnu.org.

-- 
11247: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=11247
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Christoph Scholtes <cschol2112 <at> googlemail.com>
To: 11247-close <at> debbugs.gnu.org
Cc: Glenn Morris <rgm <at> gnu.org>, Chong Yidong <cyd <at> stupidchicken.com>,
	fly797 <at> gmail.com, kenyon <at> kenyonralph.com,
	Stefan Monnier <monnier <at> iro.umontreal.ca>
Subject: Fwd: [gnu.org #745158] Missing public key
Date: Fri, 20 Apr 2012 19:51:11 -0600

The issue with the missing public key in the keyring has apparently been 
resolved, see below.

Christoph

-------- Original Message --------
Subject: [gnu.org #745158] Missing public key
Date: Fri, 20 Apr 2012 13:57:27 -0400
From: Ward Vandewege via RT <sysadmin <at> gnu.org>
Reply-To: sysadmin <at> gnu.org


Hi Mike,

> Subject: Public key needed to verify precompiled distribution of Emacs
>    for Windows emacs-23.4-bin-i386.zip missing from gnu-keyring.gpg.
>
> Apologies if this is not the correct email address for this issue to
>    answer this.
>
> After downloading emacs-23.4-bin-i386.zip and emacs-23.4-bin-
>    i386.zip.sig from http://ftp.gnu.org/gnu/emacs/windows and loading
>    the latest gnu-keyring.gpg from http://ftp.gnu.org/gnu/ with "gpg
>    -import", key 597F9E69 doesn't appear to be available even though
>    my keyring appears to be up-to-date:
>
> > gpg --verify emacs-23.4-bin-i386.zip.sig emacs-23.4-bin-i386.zip
> gpg: Signature made Sun Feb  5 17:56:50 2012 EST using RSA key ID
>    597F9E69
> gpg: Can't check signature: public key not found
> > gpg --import gnu-keyring.gpg | & egrep
>    'processed|unchanged|597F9E69'
> gpg: 100 keys processed so far
> gpg: 200 keys processed so far
> gpg: 300 keys processed so far
> gpg: Total number processed: 359
> gpg:              unchanged: 359
>
> I have successfully checked the signature on the 23.3 version with
>    that same gnu-keyring.gpg:
>
> > gpg --verify emacs-23.3-bin-i386.zip.sig emacs-23.3-bin-i386.zip
> gpg: Signature made Thu Mar 10 06:32:55 2011 EST using DSA key ID
>    FBD57530
> gpg: Good signature from "Sean Sieger
>    <sean.sieger <at> gmail.com<mailto:sean.sieger <at> gmail.com>>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
>    owner.
> Primary key fingerprint: 5E02 0890 E767 ABFA 369E  F830 159D 9343 FBD5
>    7530
>
> Thanks for any help you can provide,

Thanks for letting us know. The cron job that updates the gnu-keyring
file was not running due to a configuration error. That has now been
resolved, so you should be able to verify the release at this time.

Thanks,
Ward.

-- 
Ward Vandewege | CTO, Free Software Foundation
GPG Key: 25F774AB | http://identi.ca/cure | http://fsf.org/blogs/RSS

[Message part 3 (message/rfc822, inline)]

From: Chen Xiaodong <fly797 <at> gmail.com>
To: bug-gnu-emacs <at> gnu.org
Subject: A missing public key.
Date: Sun, 15 Apr 2012 22:01:56 +0800

I find that the public key(ID: 597F9E69) is not included in 
"http://ftp.gnu.org/pub/gnu/gnu-keyring.gpg", which is required to verify the 
signature of 
"http://ftp.gnu.org/pub/gnu/emacs/windows/emacs-23.3-bin-i386.zip.sig".

Please solve this bug.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.