verifying bind-9.10.0 download

Evan Hunt each at
Sat May 3 01:07:57 UTC 2014

On Fri, May 02, 2014 at 05:50:45PM -0700, mm half wrote:
> I have downloaded bind-9.10.0.tar.gz from the ISC download site, imported in the pgpkey2013.txt located at: , and can't seem to get any of the signature files to pass the verify test using gpg :
> gpg --verify bind-9.10.0.tar.gz.asc bind-9.10.0.tar.gz
> gpg: WARNING: using insecure memory!
> gpg: please see for more information
> gpg: Signature made Tue Apr 29 16:12:28 2014 EDT using RSA key ID 189CDBC5
> gpg: BAD signature from "Internet Systems Consortium, Inc. (Signing key, 2013) <codesign at>"

Works fine for me.  Check the fingerprint on the tarball, it should be:


Evan Hunt -- each at
Internet Systems Consortium, Inc.

More information about the bind-users mailing list