Hi Chris,
  I'll get my public key uploaded to the website shortly.  Thanks for pointing out the issue.
Martin

On Tue, May 14, 2019 at 12:34 PM Chris Laprise <tasket@posteo.net> wrote:
Hi all,

I'm about to embark on a coreboot build+flash per Mike Banon's G505s
page, but before building I want to verify signatures for the source.
These appear in only one place, on the coreboot.org Downloads page, and
are signed with the key:

D861AB74FB933260193399696B249D77269C04E1

The only problem is there is apparently no mention of the signing key
anywhere else on the coreboot website. I usually look for some explicit,
official reference (preferably in multiple contexts) to a person or
org's key ID before downloading it from a keyserver. Taking the key ID
from an object signature doesn't satisfy that requirement.

--

Chris Laprise, tasket@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886
_______________________________________________
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-leave@coreboot.org