Hi Iynxis, thanks a lot for the information and the quick reply! Also, sorry for the basic and not exactly coreboot related question. Cheers, László
-------- Original Message -------- Subject: Re: [coreboot] GPG public key for corboot release signatures Local Time: June 24, 2017 9:50 PM UTC Time: June 24, 2017 7:50 PM From: lynxis@fe80.eu To: coreboot@coreboot.org coreboot@coreboot.org László Szücs laszlo.szucs@protonmail.com Hi Laszlo, you can find the keys on the public key servern. I"ve attached the fingerprints, but gpg can also show you when trying to verify it. > Why are there two signatures in the GPG signature file (for release > 4.6) and why do the signature dates differ from the release date > (according to the website)? More signatures are better ;). Choose your own trust anchor. I"ve signed it after it was released. Best, lynxis Alexander Couzens Key fingerprint = 390D CF78 8BF9 AA50 4F8F F1E2 C29E 9DA6 A0DF 8604 Martin Roth (coreboot developer) Key fingerprint = 574C E6F6 855C FDEB 7D36 8E9D 1979 6C2B 3E4F 7DF7 -- Alexander Couzens mail: lynxis@fe80.eu jabber: lynxis@fe80.eu mobile: +4915123277221 gpg: 390D CF78 8BF9 AA50 4F8F F1E2 C29E 9DA6 A0DF 8604