Re: OT: Miro's PGP signature [Was: urlview not listing the l…

Top Page
Attachments:
Message as email
+ (text/plain)
+ signature.asc (application/pgp-signature)
Delete this message
Author: Miroslav Rovis
Date:  
To: mutt-users
Subject: Re: OT: Miro's PGP signature [Was: urlview not listing the links right]
On 160918-13:18+0200, Richard Z wrote:
> On Sun, Sep 18, 2016 at 12:15:04PM +0200, Michael Tatge wrote:
> > * On Sat, Sep 17, 2016 11:21PM -0700 Ian Zimmerman (itz@???) muttered:
> > > Can anyone else verify Miro's signature?
> >
> > [-- Begin signature information --]
> > Good signature from: Miroslav Rovis (consacrated to Heart of Jesus)
> > <miro.rovis@???>
> >             created: Sun 18 Sep 2016 01:25:09 CEST
> > WARNING: We have NO indication whether the key belongs to the person

Pretty strange, if true. It's always used to be:

There is no indication that this key really belongs to the owner

That it would turn BAD is hard to conceive for me. I'm far from an
expert, but I do use my GnuPG correctly.

However, I use old GnuPG, and that could have something to do with the posts
about my PGP-key...

Here's what my current Gentoo Portage tree has:

# ls -ltr /usr/portage/app-crypt/gnupg/
total 200
-rw-r--r-- 1 portage portage 3372 2015-08-24 12:49 gnupg-1.4.19.ebuild
-rw-r--r-- 1 portage portage 89046 2015-11-09 05:11 ChangeLog-2015
-rw-r--r-- 1 portage portage 3384 2015-12-29 14:58 gnupg-1.4.20.ebuild
-rw-r--r-- 1 portage portage 4978 2016-03-30 13:26 gnupg-2.0.29-r1.ebuild
-rw-r--r-- 1 portage portage 4980 2016-04-07 20:19 gnupg-2.0.30.ebuild
-rw-r--r-- 1 portage portage 4505 2016-06-15 23:55 gnupg-2.1.12-r1.ebuild
-rw-r--r-- 1 portage portage 4453 2016-06-16 21:31 gnupg-2.1.13.ebuild
-rw-r--r-- 1 portage portage 4850 2016-06-22 19:40 gnupg-2.0.28.ebuild
-rw-r--r-- 1 portage portage 4937 2016-06-22 19:40 gnupg-2.0.26-r3.ebuild
drwxr-xr-x 2 portage portage 4096 2016-06-24 13:53 files
-rw-r--r-- 1 portage portage 4433 2016-07-28 19:55 gnupg-2.1.14-r1.ebuild
-rw-r--r-- 1 portage portage 1211 2016-08-06 23:32 metadata.xml
-rw-r--r-- 1 portage portage 4433 2016-08-20 01:42 gnupg-2.1.15.ebuild
-rw-r--r-- 1 portage portage 3379 2016-09-01 16:21 gnupg-1.4.21.ebuild
-rw-r--r-- 1 portage portage 11457 2016-09-01 17:10 Manifest
-rw-r--r-- 1 portage portage 13045 2016-09-01 17:10 ChangeLog
#

And this is my gnupg:

# equery l gnupg
* Searching for gnupg ...
[IP-] [ ] app-crypt/gnupg-1.4.21:0
#

My use of the old GnuPG, such as can be seen I precluded anything newer than:
Uninstalling dbus and *kits (to Unfacilitate Remote Seats)
https://forums.gentoo.org/viewtopic-t-992146.html#7559406
where you can see: ">=app-crypt/gnupg-2.0.22"

[My use of the old GnuPG] could be the reason... But I still trust my
distro... And I install with emerge-webrsync and some of the guys that sign
those packages I'm sure would never allow bad programs... But they can't
possibly check every program either....

Don't know...

===

But, really nobody cares to reply to my query about the *urlview* not doing the
work?

E.g. just check if in your Mutt it is like in mine with the email that I sent
and expained?

Thanks in advance!

> > named as shown above
> > Fingerprint: FCF1 3245 ED24 7DCE 4438 55B7 EA98 8488 4FBA F0AE
> > [-- End signature information --]
> >
> > NeoMutt 20160910 (1.7.0)
> > gpg (GnuPG) 2.1.15
> > libgcrypt 1.7.3-beta
> > libgpgme++2v5 (4.14.10-5)
> >
> > Michael
> > -- 
> > PGP-Key-ID:     EEE7D043
> > Jabber:         init0@???

>
> the message would have been at least moderately usefull if you would sign
> it, otherwise the evil dark might has probably faked it as well.
>
>
> Richard
>
> --
> Name and OpenPGP keys available from pgp key servers
>




--
Miroslav Rovis
Zagreb, Croatia
http://www.CroatiaFidelis.hr