verifying bind-9.10.0 download

Noel Butler noel.butler at ausics.net
Sat May 3 02:08:00 UTC 2014


 

OK here too. 

On 03/05/2014 11:07, Evan Hunt wrote: 

> On Fri, May 02, 2014 at 05:50:45PM -0700, mm half wrote:
> 
>> I have downloaded bind-9.10.0.tar.gz from the ISC download site, imported in the pgpkey2013.txt located at: https://www.isc.org/downloads/software-support-policy/openpgp-key/ [1] , and can't seem to get any of the signature files to pass the verify test using gpg : gpg --verify bind-9.10.0.tar.gz.asc bind-9.10.0.tar.gz gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html [2] for more information gpg: Signature made Tue Apr 29 16:12:28 2014 EDT using RSA key ID 189CDBC5 gpg: BAD signature from "Internet Systems Consortium, Inc. (Signing key, 2013) <codesign at isc.org>"
> 
> Works fine for me. Check the fingerprint on the tarball, it should be:
> 
> SHA256(bind-9.10.0.tar.gz)=
> acc2f5cc58c121f927e02c23e7e3e2e4876139eaac4a9df71800d4a38917c887

 

Links:
------
[1] https://www.isc.org/downloads/software-support-policy/openpgp-key/
[2] http://www.gnupg.org/faq.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/bind-users/attachments/20140503/5d9c4591/attachment.html>


More information about the bind-users mailing list