From: bug#33825 <33825@debbugs.gnu.org>
To: bug#33825 <33825@debbugs.gnu.org>
Subject: Status: 25.2; Failing to verify signature for ELPA debbugs package
Date: Wed, 18 Jun 2025 03:10:21 +0000

retitle 33825 25.2; Failing to verify signature for ELPA debbugs package
reassign 33825 emacs
submitter 33825 clemera
severity 33825 normal
tag 33825 patch
thanks

From: clemera
To: bug-gnu-emacs@gnu.org
Subject: 25.2; Failing to verify signature for ELPA debbugs package
Date: Fri, 21 Dec 2018 14:38:07 +0100

Hi,

I get the following error when I try to install debbugs package:

Failed to verify signature debbugs-0.16.tar.sig:
Bad signature from 474F05837FBDEF9B GNU ELPA Signing Agent

Command output:
gpg: Signature made Wed Oct 17 11:10:03 2018 CEST
gpg:                using DSA key CA442C00F91774F17F59D9B0474F05837FBDEF9B
gpg: BAD signature from "GNU ELPA Signing Agent " [unknown]

From: Glenn Morris
To: clemera
Cc: 33825@debbugs.gnu.org
Subject: Re: bug#33825: 25.2; Failing to verify signature for ELPA debbugs package
Date: Fri, 21 Dec 2018 18:39:07 -0500

clemera wrote:

> Failed to verify signature debbugs-0.16.tar.sig:
> Bad signature from 474F05837FBDEF9B GNU ELPA Signing Agent
>
> Command output:
> gpg: Signature made Wed Oct 17 11:10:03 2018 CEST
> gpg:                using DSA key CA442C00F91774F17F59D9B0474F05837FBDEF9B
> gpg: BAD signature from "GNU ELPA Signing Agent " [unknown]

FWIW, it verifies fine here with Emacs 25.2, and also manually using
wget https://elpa.gnu.org/packages/debbugs-0.16.tar and tar.sig.

From: clemera
To: rgm@gnu.org
Cc: 33825@debbugs.gnu.org
Subject: Re: bug#33825: 25.2;, Failing to verify signature for ELPA debbugs package
Date: Sat, 22 Dec 2018 13:08:02 +0100

> FWIW, it verifies fine here with Emacs 25.2

I tried it again and now it works for me, too. Strange..., what could
have caused that it failed before?

From: Robert Pluim
To: clemera
Cc: rgm@gnu.org, 33825@debbugs.gnu.org
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Sun, 30 Dec 2018 13:12:41 +0100

clemera writes:

>> FWIW, it verifies fine here with Emacs 25.2
>
> I tried it again and now it works for me, too. Strange..., what could
> have caused that it failed before?

There are 'transparent' proxies which will untar archives and then
retar them, resulting in a file that fails signature verification even
though the contents are identical. When you then repeat the download,
the proxy knows it has previously inspected the file, and thus lets
through the original. Using https solves this issue 99% of the time.

If youʼre using https already, then Iʼm out of ideas :-)

Robert

From: Clemens Radermacher
To: 33825@debbugs.gnu.org
Cc: rpluim@gmail.com
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Sun, 30 Dec 2018 13:34:09 +0100

On 30.12.18 13:12, Robert Pluim wrote:

> There are 'transparent' proxies which will untar archives and then
> retar them, resulting in a file that fails signature verification even
> though the contents are identical. When you then repeat the download,
> the proxy knows it has previously inspected the file, and thus lets
> through the original. Using https solves this issue 99% of the time.

That's interesting thanks! For GNU ELPA I use http indeed, because I rely on Emacs
taking care of the verification. I don't understand why those proxies should
unpack archives though, is that for filtering purposes?

--
Clemens

From: Robert Pluim
To: Clemens Radermacher
Cc: 33825@debbugs.gnu.org
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Sun, 30 Dec 2018 13:55:44 +0100

Clemens Radermacher writes:

> On 30.12.18 13:12, Robert Pluim wrote:
>
>> There are 'transparent' proxies which will untar archives and then
>> retar them, resulting in a file that fails signature verification even
>> though the contents are identical. When you then repeat the download,
>> the proxy knows it has previously inspected the file, and thus lets
>> through the original. Using https solves this issue 99% of the time.
>
> That's interesting thanks! For GNU ELPA I use http indeed, because I rely on Emacs
> taking care of the verification. I don't understand why those proxies should
> unpack archives though, is that for filtering purposes?

In enlightened democracies they want to see if there is any malware
hiding inside. In other types of countries they're filtering
'undesirable' content.

Identifying which type youʼre living in is becoming harder every day
:-)

Robert

From: Stefan Kangas
To: clemera
Cc: Glenn Morris, 33825@debbugs.gnu.org
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Fri, 13 Sep 2019 21:50:27 +0200

Robert Pluim writes:

> clemera writes:
>
>>> FWIW, it verifies fine here with Emacs 25.2
>>
>> I tried it again and now it works for me, too. Strange..., what could
>> have caused that it failed before?
>
> There are 'transparent' proxies which will untar archives and then
> retar them, resulting in a file that fails signature verification even
> though the contents are identical. When you then repeat the download,
> the proxy knows it has previously inspected the file, and thus lets
> through the original. Using https solves this issue 99% of the time.
>
> If youʼre using https already, then Iʼm out of ideas :-)

The reporter verified he was indeed using http. Is there anything
that can or should be done here, or is this to be closed as notabug?

Best regards,
Stefan Kangas

From: Robert Pluim
To: Stefan Kangas
Cc: 33825@debbugs.gnu.org, clemera
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Mon, 16 Sep 2019 11:07:32 +0200

>>>>> On Fri, 13 Sep 2019 21:50:27 +0200, Stefan Kangas said:

    Stefan> Robert Pluim writes:
    >> clemera writes:
    >>
    >>>> FWIW, it verifies fine here with Emacs 25.2
    >>>
    >>> I tried it again and now it works for me, too. Strange..., what could
    >>> have caused that it failed before?
    >>
    >> There are 'transparent' proxies which will untar archives and then
    >> retar them, resulting in a file that fails signature verification even
    >> though the contents are identical. When you then repeat the download,
    >> the proxy knows it has previously inspected the file, and thus lets
    >> through the original. Using https solves this issue 99% of the time.
    >>
    >> If youʼre using https already, then Iʼm out of ideas :-)

    Stefan> The reporter verified he was indeed using http. Is there anything
    Stefan> that can or should be done here, or is this to be closed as notabug?

I think this is notabug. We can always reopen it if needed.

Robert

From: Stefan Kangas
To: Robert Pluim
Cc: 33825@debbugs.gnu.org, clemera
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Mon, 16 Sep 2019 13:04:55 +0200

Robert Pluim writes:

> Stefan> The reporter verified he was indeed using http. Is there anything
> Stefan> that can or should be done here, or is this to be closed as notabug?
>
> I think this is notabug. We can always reopen it if needed.

Perhaps we could also add something about this issue to PROBLEMS?

How about also adding a recommendation to use https, as far as
possible, for package archives? I guess that could be added to both
the doc string of package-archives and possibly also the manual. That
would help security and avoid issues such as these.

Best regards,
Stefan Kangas
From: Robert Pluim
To: Stefan Kangas
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Mon, 16 Sep 2019 15:28:07 +0200
In-Reply-To: (Stefan Kangas's message of "Mon, 16 Sep 2019 13:04:55 +0200")
Cc: 33825@debbugs.gnu.org, clemera

>>>>> On Mon, 16 Sep 2019 13:04:55 +0200, Stefan Kangas said:

Stefan> Robert Pluim writes:
Stefan> The reporter verified he was indeed using http. Is there anything
Stefan> that can or should be done here, or is this to be closed as notabug?
>>
>> I think this is notabug. We can always reopen it if needed.

Stefan> Perhaps we could also add something about this issue to PROBLEMS?

Maybe.

Stefan> How about also adding a recommendation to use https, as far as
Stefan> possible, for package archives? I guess that could be added to both
Stefan> the doc string of package-archives and possibly also the manual. That
Stefan> would help security and avoid issues such as these.

This Iʼd be more in favour of.

Robert

From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 16 10:30:14 2019
Date: Mon, 16 Sep 2019 17:29:59 +0300
Message-Id: <837e68xqjc.fsf@gnu.org>
From: Eli Zaretskii
To: Stefan Kangas
In-reply-to: (message from Stefan Kangas on Mon, 16 Sep 2019 13:04:55 +0200)
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Cc: rpluim@gmail.com, 33825@debbugs.gnu.org, clemens.radermacher@posteo.de

> From: Stefan Kangas
> Date: Mon, 16 Sep 2019 13:04:55 +0200
> Cc: 33825@debbugs.gnu.org, clemera
>
> > I think this is notabug. We can always reopen it if needed.
>
> Perhaps we could also add something about this issue to PROBLEMS?

Feel free to do that.

> How about also adding a recommendation to use https, as far as
> possible, for package archives? I guess that could be added to both
> the doc string of package-archives and possibly also the manual. That
> would help security and avoid issues such as these.

I'd leave this out of the manual. Doc string should be enough.

From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 16 15:13:33 2019
In-Reply-To: <837e68xqjc.fsf@gnu.org>
From: Stefan Kangas
Date: Mon, 16 Sep 2019 21:13:13 +0200
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
To: Eli Zaretskii
Cc: Robert Pluim, 33825@debbugs.gnu.org, Clemens Radermacher

Eli Zaretskii writes:

> > How about also adding a recommendation to use https, as far as
> > possible, for package archives? I guess that could be added to both
> > the doc string of package-archives and possibly also the manual. That
> > would help security and avoid issues such as these.
>
> I'd leave this out of the manual. Doc string should be enough.

Thanks. How about the attached patch?

Best regards,
Stefan Kangas

Content-Disposition: attachment; filename="0001-Recommend-https-for-package-archives.patch"

From debbugs-submit-bounces@debbugs.gnu.org Mon Sep 16 15:14:41 2019
From: Stefan Kangas
Date: Mon, 16 Sep 2019 21:14:21 +0200
Subject:
To: control@debbugs.gnu.org

tags 33825 + patch
quit

From debbugs-submit-bounces@debbugs.gnu.org Tue Sep 17 09:34:23 2019
From: Robert Pluim
To: Stefan Kangas
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
Date: Tue, 17 Sep 2019 15:34:04 +0200
In-Reply-To: (Stefan Kangas's message of "Mon, 16 Sep 2019 21:13:13 +0200")
Cc: Eli Zaretskii, 33825@debbugs.gnu.org, Clemens Radermacher

>>>>> On Mon, 16 Sep 2019 21:13:13 +0200, Stefan Kangas said:

Stefan> Eli Zaretskii writes:
>> > How about also adding a recommendation to use https, as far as
>> > possible, for package archives? I guess that could be added to both
>> > the doc string of package-archives and possibly also the manual. That
>> > would help security and avoid issues such as these.
>>
>> I'd leave this out of the manual. Doc string should be enough.

Stefan> Thanks. How about the attached patch?

Nits below

Stefan> Best regards,
Stefan> Stefan Kangas

Stefan> From afc49ccd4e3e593f1f2dfffbdd6e457132efa9cd Mon Sep 17 00:00:00 2001
Stefan> From: Stefan Kangas
Stefan> Date: Mon, 16 Sep 2019 21:09:32 +0200
Stefan> Subject: [PATCH] Recommend https for package-archives

Stefan> * lisp/emacs-lisp/package.el (package-archives): Doc fix to recommend
Stefan> using https sources instead of http where possible.
Stefan> (Bug#33825)

"Recommend using https..." is shorter and more direct.

Stefan> --- Stefan> lisp/emacs-lisp/package.el | 5 ++++- Stefan> 1 file changed, 4 insertions(+), 1 deletion(-) Stefan>
diff --git a/lisp/emacs-lisp/package.el b/lisp/emacs-lisp/package.el Stefan> index ef0c5171de..69c4427e0a 100644 Stefan> --- a/lisp/emacs-lisp/package.el Stefan> +++ b/lisp/emacs-lisp/package.el Stefan> 
@@ -214,7 +214,10 @@ package-archives Stefan> (Other types of URL are currently not supported.) Stefan> Only add locations that you trust, since fetching and installing Stefan> -a package can run arbitrary code." Stefan> +a package can run arbitrary code. Stefan> + Stefan> +It is advisable to prefer HTTPS URLs over HTTP URLs where Stefan> +possible, for improved security and stability."

Similarly: "HTTPS URLs should be used where possible, as they offer
superior security."

"stability" is not really something you can define, so probably better
not to mention it..

Robert
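
Review bot: The added paragraph at the end of the package-archives doc string says HTTPS is preferred "for improved security" without saying what it protects, although the sentence directly above it warns that fetching and installing a package can run arbitrary code. I would state the reason in the doc string itself: over plain HTTP the archive contents can be altered in transit, while HTTPS authenticates the server and protects the transfer. It is also worth wording the sentence so that HTTPS does not read as a substitute for "Only add locations that you trust", since it secures the connection and says nothing about the archive itself. The hunk changes only the doc string text, so nothing here makes Emacs warn about an http:// entry and the recommendation depends on the user reading the doc string.
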
From debbugs-submit-bounces@debbugs.gnu.org Fri Sep 20 13:24:34 2019
From: Stefan Kangas
Date: Fri, 20 Sep 2019 19:24:14 +0200
Subject: Re: bug#33825: 25.2; , Failing to verify signature for ELPA debbugs package
To: Robert Pluim
Cc: Eli Zaretskii, 33825-done@debbugs.gnu.org, Clemens Radermacher

Robert Pluim writes:

> Nits below

Thanks, I've now installed the patch with your suggested changes as
commit f1f2de7cdf.

Since we seem to agree that there is not much else to do here, I'm
also closing this bug.

Best regards,
Stefan Kangas

From unknown Tue Jun 17 20:10:21 2025
To: internal_control@debbugs.gnu.org
From: Debbugs Internal Request
Subject: Internal Control
Message-Id: bug archived.
Date: Sat, 19 Oct 2019 11:24:06 +0000
User-Agent: Fakemail v42.6.9

# This is a fake control message.
#
# The action:
# bug archived.
thanks
# This fakemail brought to you by your local debbugs
# administrator