This is the signature for the GnuPG 1.0.5 tarball gnupg-1.0.5.tar.gz . Please note, that you should not use a just build version of 1.0.5 to verify this signature but an older version of GnuPG or any other OpenPGP implementation. If this is not possible, please verify the MD5 checksums which are given in the announcement mail and on the webpage http://www.gnupg.org/download.html . The key used to create this signature is certified with the the key 5B0358A2 which in turn has been certified by a lot of well know folks. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.5 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA67EyWaLeriVdUjc0RAryPAJwIB0fKY9eg8wsYl1EuWIoNM6PPrgCfXOy5 tKE8xK4JhJJsvRliJRgYin8= =it+F -----END PGP SIGNATURE-----