On Jun 05, 2011, at 08:20 AM, Aahz wrote:
From your python download page you need to update the public keys to not use the faulty MD5 digest algorithm. (see the link listed below)
$ gpg --import pubkeys.txt gpg: key 6A45C816: public key "Anthony Baxter <anthony@interlink.com.au>" imported gpg: WARNING: digest algorithm MD5 is deprecated gpg: please see http://www.gnupg.org/faq/weak-digest-algos.html for more information gpg: key ED9D77D5: public key "Barry A. Warsaw <barry@warsaw.us>" imported gpg: Total number processed: 2 gpg: imported: 2 (RSA: 1) gpg: no ultimately trusted keys found
This only looks like a problem with Anthony's key. He could update his key, but OTOH probably has little incentive to just for Python release management. Anthony was release manager for 2.5, but Martin took that over, and also, Python 2.5 is very near EOL even for security releases. -Barry