[CentOS] Security: should I be concerned?

Nels Lindquist nlindq at maei.ca
Wed Oct 12 16:18:59 UTC 2005

Hash: SHA1

On 12 Oct 2005 at 9:20, William L. Maltby wrote:


> My second concern is with security update announcements. For all the
> announcers but one (IIRC) I get "Invalid signature" displayed (using
> Evolution). I would ask "Should I be concerned?", but the answer is
> self-evident in security circles. So instead, I'll ask if this is
> acceptable in the official CentOS and I can continue to rely on their
> stuff in their opinion.

Do you have any more detail as to why the invalid signatures?  Does 
it give you a different message if you haven't imported someone's 
public key?  You might want to check out your GPG integration setup 
with Evolution.  I'm using Thunderbird/Enigmail to read list mail, 
and all of the CentOS announcement messages have verifiable 
signatures.  I assume you have no trouble with PGP/MIME since that 
appears to be what you're using...

- ----
Nels Lindquist <*>
Information Systems Manager
Morningstar Air Express Inc.

Version: GnuPG v1.4.2 (MingW32)


More information about the CentOS mailing list