[Gpg4win-users-de] Expired signer's key of the latest distribution of gpg4win

Mårdklo mardklo at gmail.com
Do Feb 4 06:57:23 CET 2010


Guten Morgen!

This happened in Monday 100201:
Normally using Linux (Ubuntu) I also work with a Windows XP machine
(sp3), where I want to install gpg4win (latest working version).   I
found this gpg4win-2.0.1.exe at http://gpg4win.org/.  However the
corresponding sig-file seems to be out of date and I don't want to
install this kind of software without beeing quite sure of validity and
trust.
When I try to verify the distribution (from linux where I do have gpgv
installed, and some of the signer's unexpired keys) I got this:
lars at myubuntuno1:~$ gpg --verify /home/lars/Desktop/gpg4win-2.0.1.exe.sig
gpg: Signature made Mon 28 Sep 2009 06:47:45 PM CEST using RSA key ID
1CE0C630
gpg: Good signature from "Werner Koch (dist sig) <dd9jn at gnu.org>"
gpg: Note: This key has expired!
Primary key fingerprint: 7B96 D396 E647 1601 754B  E4DB 53B6 20D0 1CE0 C630
lars at myubuntuno1:~$

When I checked the actual key of the signer, I found that it had expired
the day before, 2010-01-31 (!).
May be something had to be corrected?
Can you give me some advices?

Bästa hälsningar / Best Regards
Lars  Öberg
+46 18 495 12 60
+46 763 14 88 79  (m 3)
+46 738 926 170   (m Comviq)
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
-------------- nächster Teil --------------
Ein Dateianhang mit HTML-Daten wurde abgetrennt...
URL: <http://lists.wald.intevation.org/pipermail/gpg4win-users-de/attachments/20100204/d643927b/attachment.html>


Mehr Informationen über die Mailingliste Gpg4win-users-de