The current set of download files for v1.1a6 available at 23 Sep 2014 are signed with a key of ID D0AA36FE. This is different from Tony Meyer's key (ID F23F732A) as referenced on http://spambayes.sourceforge.net/download.html
The public key does not appear to be available on any of the keyservers (pgp.mit.edu, keys.gnupg.net, keyserver.pgp.com, certserver.pgp.com) I have searched, and there is no reference to this 'new' key on any of the project pages that I can see.
Can anyone confirm the key owner? And where the public key can be downloaded from?
Thanks.
That's probably me (skip@pobox.com). What credential do I have to deposit
(and where) to clean this up?
(Note that SpamBayes development has been completely stopped for several
years.)
Skip Montanaro
On Tue, Sep 23, 2014 at 3:01 PM, Jools C jools-srcface@users.sf.net wrote:
Related
Support Requests: #149
Hi Skip.
You'll need to publish your public key to a keyserver.
There's a couple of ways of doing this, but basically you'll need to export the public key of the keypair used to sign the files previously and then upload to the following keyservers (as a suggestion) :
http://keys.gnupg.net
https://pgp.mit.edu
https://keyserver.pgp.com
Export your key in armored ascii format. For example, exporting your public key using GPG use the following command/syntax:
gpg --output mypublickey.asc --armor --export myKeyId
(ref: GNU Privacy Handbook - https://www.gnupg.org/gph/en/manual/x56.html)
To publish to https://keyserver.pgp.com:
- go to above URL and select 'Publish your Key' and either upload your mypublickey.asc file, or click the Key Block button and copy/paste the text from your mypublickey.asc and then 'Upload'.
To publish to https://pgp.mit.edu:
- go to the above site, copy/paste the text from your mypublickey.asc into the area provided then click 'Submit this key to the keyserver!'
To publish to http://keys.gnupg.net/
- same as for pgp.mit.edu
If you're using GPG you can publish to a keyserver without needing to export, with the following command/syntax:
gpg --keyserver keyserver.pgp.com --send-key myKeyId
(ref: GNU Privacy Handbook - https://www.gnupg.org/gph/en/manual/x457.html)
Hope that helps.
Jools.
Just thought, may be simpler to just export the public key as an ascii file (using 'gpg --output mypublickey.asc --armor --export <myKeyId>' command), upload the resulting 'mypublickey.asc' file to your website and link to it from the Downloads page (in the same way that there is a link to Tony's key from the Download page).
Possibly a little simpler :-)
Jools.