GPG error on Nginx repository - NO_PUBKEY
B.R.
reallfqq-nginx at yahoo.fr
Fri Jun 28 17:09:00 UTC 2013
Hello,
On Fri, Jun 28, 2013 at 9:27 AM, Sergey Budnevitch <sb at waeme.net> wrote:
>
> On 28 Jun2013, at 10:15 , Phil Pennock <nginx+phil at spodhuis.org> wrote:
>
> > On 2013-06-27 at 11:41 -0400, B.R. wrote:
> >> The Nginx website's page <http://nginx.org/en/linux_packages.html> on
> Linux
> >> packages provides you with the key file address:
> >> http://nginx.org/en/linux_packages.html
> >
> > You mean:
> > http://nginx.org/keys/nginx_signing.key
>
You are right... Copy-paste trouble... :o)
> >
> > (And if you import a file retrieved over plain http straight into your
> > trust anchors with no further verification, you have other problems).
>
You are right, that what people *shall* do (and they also shall not pass).
However, I was merely summing up the steps provided before which were not
mentioning that either. But you're right: there is one step missing.
> We've added short explanation with links to gpg docs about how
> and why pgp signatures should be checked:
>
> http://nginx.org/en/linux_packages.html#signatures
>
The link to Dewinter's website is broken.
Maybe would you like to replace it with
http://www.gnupg.org/documentation/howtos.en.html?
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
---
*B. R.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20130628/a61cf8f8/attachment-0001.html>
More information about the nginx
mailing list