On Sat, Jan 25, 2014, Julien Cristau wrote: > gpg: BAD signature from "Alex Deucher <alexdeucher at gmail.com>" Same here. > If this isn't just me, any chance to get the tarball checksums in a > properly signed mail? Hmm, maybe it would be a good idea to have signed tar files (on the server)?