Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Electrum
Merits 4 from 1 user
Re: Problem verifying download's signature
by
DireWolfM14
on 19/08/2021, 00:52:04 UTC
⭐ Merited by o_e_l_e_o (4)
Quote from: Proofer on August 18, 2021, 09:01:05 PM
Quote from: o_e_l_e_o on August 18, 2021, 08:58:13 PM
Quote from: Proofer on August 18, 2021, 08:41:14 PM
Update:-snip-
This is a valid confirmation.

As it states, you have a "Good signature from Thomas Voegtlin." I can confirm that the key you have for him - 6694 D8DE 7BE8 EE56 31BE D950 2BD5 824B 7F94 70E6 - matches the key I have for him. The reason it tells you "WARNING: This key is not certified with a trusted signature!" is simply because you have not signed ThomasV's key with your own key to tell GPG that you trust it.

Excellent. Thank you!

According to your original post above, you'll need first need to download and import ThomasV's pgp key.  The links posted above will get you the key, save it someplace easily accessible, and name it ThomasV.asc

To import it use --import /path/to/file/ThomasV.asc.  Once it's imported you can sign it using --sign 6694D8DE7BE8EE5631BED9502BD5824B7F9470E6.  Editing the key the way o_e_l_e_o suggested is a more powerful way to do it, and gives you options for trust level.  Using the --sign command automatically sets the trust level to 4 (fully trusted.)