Check zlib developer GPG signature
Closed this issue · 0 comments
fmarier commented
zlib releases are signed by Mark Adler:
$ gpg --verify zlib-1.2.13.tar.gz.asc
gpg: assuming signed data in 'zlib-1.2.13.tar.gz'
gpg: Signature made Thu 13 Oct 2022 01:45:13 PM PDT
gpg: using DSA key 5ED46A6721D365587791E2AA783FCD8E58BCAFBA
gpg: Good signature from "Mark Adler <madler@alumni.caltech.edu>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner.
Primary key fingerprint: 5ED4 6A67 21D3 6558 7791 E2AA 783F CD8E 58BC AFBA