Verifying F-droid APK by PGP is a fairy tale

We’ve been trying to figure out on a several hours of investigation and by making this topic. how to use the verification of PGP Signature.

Sadly this didn’t bring us any usable instructions. It did show: gpg: Note: This key has expired! Which certainly didn’t give a trustworthy impression!

Why is there no proper central instruction on F-droid? Is it so hard to make? Is it only meant for the incrowd? Or is it so unimportant to check since F-droid is untouchable?

The only conclusion we can make is F-droid PGP Signature is a fairy tale like The Emperor’s New Clothes.

Still hoping somebody can prove different though by providing an understandable and working instruction…

1 Like

Just because a key is expired, does not mean it’s use is invalidated.

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.