GnuPG now can verify out of the box RSA signatures, INSTALL should be fixed. (Actually, I see no reason to use commercial PGP nowadays, anybody has a different opinion?) BTW, the autoconf check for Berkeley is not useful at all on linux, where in some cases libdb is in /usr/lib and the headers in /usr/include/db2. -- ciao, Marco