[Gpg4win-users-en] gpg4win 3.1.16 with updated GnuPG 2.2.32: No public key found despite having refreshed the keys
Stella Ashburne
rewefie at gmx.com
Tue Dec 21 20:40:33 CET 2021
Hi Bernhard
> Sent: Wednesday, December 22, 2021 at 1:24 AM
> From: "Bernhard Reiter" <bernhard at intevation.de>
> To: gpg4win-users-en at wald.intevation.org
> Cc: "Stella Ashburne" <rewefie at gmx.com>
> Subject: Re: [Gpg4win-users-en] gpg4win 3.1.16 with updated GnuPG 2.2.32: No public key found despite having refreshed the keys
>
>
> You seem to be missing the public key (pubkey) for the signature,
> it has the "short-id" "E53D989A9E2D47BF".
> If it was not there in the beginning, it could also not have been refreshed.
>
I'm a bit confused. Since 2014, I have the following Tor signing key imported into gpa:
User name: Tor Browser Developers (signing key) <torbrowser at torproject.org>
Fingerprint: EF6E 286D DA85 EA2A 4BA7 DE68 4E2C 6E87 9329 8290
Key ID: 93298290
Key type: rsa4096
Created at: 2014-12-15
However when I tried:
gpg -v torbrowser-install-win64-11.0.3_en-US.exe.asc
What I got was
gpg: Note: RFC4880bis features are enabled.
gpg: WARNING: no command supplied. Trying to guess what you mean ...
gpg: armor header: Version: GnuPG v1
gpg: assuming signed data in 'torbrowser-install-win64-11.0.3_en-US.exe'
gpg: Signature made 20-Dec-21 11:33:11 W. Australia Standard Time
gpg: using RSA key E53D989A9E2D47BF
gpg: Can't check signature: No public key
>
> (*) Extra tech-info: the short-id maybe not enough to identify a pubkey,
> if you can, you should always the use the long key id.
>
What's a long key id? What does its format look like?
Best wishes of the season and stay safe!
Stella
More information about the Gpg4win-users-en
mailing list