Hi David,

Thanks, I was able to retrieve the key and verify the signature. Maybe you add the information on the key used to sign on this page: https://www.flashrom.org/Downloads (which by the way is outdated as it refers to 0.9.9)?

Also, note that the section regarding ArchLinux on this page should be updated to. I, Bruno Pagani, am the new maintainer of this package following retirement of Giovanni. Also the link should rather point to https://www.archlinux.org/people/trusted-users/#Archange than the maintainer package list. ;) Finally, please change “i686” to “x86_64” in the “package overview” link, since we dropped support for i686 distro-wide.

Regards,
Bruno

On Thu, Jan 18, 2018 at 8:35 AM, David Hendricks <david.hendricks@gmail.com> wrote:

Hi Bruno,
Try again, it should be posted now (I used keys.gnupg.net).

On Thu, Jan 11, 2018 at 9:44 AM, Archange <archange@archlinux.org> wrote:

Hi,

It seems that flashrom provides GPG sigs for the tarball, e.g.
http://download.flashrom.org/releases/flashrom-1.0.tar.bz2.asc, which is
nice.

However, I seems I can’t find the key use to sign this on usual
keyservers. Could you tell me where it is available?

Regards,
Bruno

_______________________________________________
flashrom mailing list
flashrom@flashrom.org
https://mail.coreboot.org/mailman/listinfo/flashrom