I'm used to other types of file verification, typically just .sig files...what am I doing wrong here? about minisign HOT 6 CLOSED

This is way easier, and it works the same way on all operating systems.

The first page of the documentation explains how to verify the dnscrypt-proxy signatures:
https://github.com/jedisct1/dnscrypt-proxy/wiki/Installation#verification-of-downloaded-files

If you do minisign -G, it creates a new secret key. Your own secret key, so that you can sign files, and people can verify that they have been signed by you using the associated public key.

You tried to verify a signature created by me, using your public key (whose purpose is to verify that the signature was made by you). This is what the message means. The signature cannot be verified with that public key (yours) because it was made by someone else.

So, there's nothing wrong with creating your own key pair, protected with whatever password you want. But if you want to verify that a file has been signed by someone else, you need to use their public key, not yours :)

from minisign.

That's cool, but, how can I verify your key, I can't find anything like minisign.pub, i'm used to gpg and gpa in linux, what am I to do? because verify without the -G part of what I did was done because the command -Vm did not work, it threw at me the help menu before I created my key.

Thanks for responding quickly, hope you'll be responding fast to this one too...I'm trying to work with SimpleDNSCrypt and it's been quite the fiasco so far, Firefox works because it allows one to isolate all of their protections like Secure DNS (DoTLS), ESNI, while my other main browser Iridium, is based on Chrome and the protection other than DNSSEC and tls 1.3 for DoH or DoTLS and ESNI are not possible except system-wide, at least what dnscrypt is used for, ESNI is really great but only firefox can be made to use it by isolating it to cloudflare's 1.1.1.1

from minisign.

RWTk1xXqcTODeYttYMCMLo0YJHaFEHn7a3akqHlb in the command line presented in the documentation, is the public key. You don't need the minisign.pub file. Public keys are so short that you don't even need them to be in a file.

I just verified that the command-line in the documentation works. Check that you copied the whole line, which may not fit in the window if your font size is large.

If you want the file, you can get it here: https://download.dnscrypt.info/dnscrypt-resolvers/v2/

from minisign.

System-wide security is far better than something limited to a web browser.

There are more things than web browsers constantly phoning home, and sending DNS requests. Such as pretty much all the installed applications, if only to check for updates, licenses or telemetry.

from minisign.

Signature key id in dnscrypt-proxy-win64-2.0.25.zip.minisig is 79833371EA15D7E4 but the key id in the public key is E7620F1842B4E81F

I got your file, different result, but the same at the same time, I don't know what to think, I verified minisign itself and it worked. shrug I'm reinstalling win7 tonight or tomorrow anyways, it's not FUBAR, but there's a lot that's broken. Thank you. If you have an idea of what is happening here, you can go ahead, I'll try with -P and the whole key instead of the file later, but yeah, strangeness is going on here.

from minisign.

Nevermind, fixed everything in the duplicate thread (sorry bout that). You have a good day and thank you!

from minisign.