This is the signature for the GnuPG 1.0.6 tarball gnupg-1.0.6.tar.gz . Please note, that you should not use a just build version of 1.0.6 to verify this signature but an older version of GnuPG or any other OpenPGP implementation. If this is not possible, please verify the MD5 checksums which are given in the announcement mail and on the webpage http://www.gnupg.org/download.html . The key used to create this signature is certified with the the key 5B0358A2 which in turn has been certified by a lot of well known folks. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.5 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQA7E1tOaLeriVdUjc0RAjT5AJ4ilICkDaiooXz68gMRq9Egj6XcvACdFs6d XnC6fHoQLnZ3e6Fxoy7QATg= =TAAU -----END PGP SIGNATURE-----