Report upstream that Gpg4win warning message when verifying the ISO image is misleading
Originally created by @sajolida on #6393 (Redmine)
Many users have reported a misleading error message while using Gpg4Win to verify the ISO image. When the correct key is imported but not trusted the following error message appears:
Not enough information to check the signature validity.
Signed on … by tails@boum.org (Key ID: 0xBE2CD9C1)
The validity of the signature cannot be verified.
This is misleading because the signature is indeed valid. But it doesn’t come from a trusted key. The message should instead say:
Not enough information to check the signature authenticity.
Signed on … by tails@boum.org (Key ID: 0xBE2CD9C1)
Good signature from an untrusted key.
We should confirm that problem and report it upstream to Gpg4Win.