Have I correctly verified Core?
I've done this following but am a bit out of my depth:
1. Downloaded and installed Kleopatra (GPG4WIN)
2. Imported Wladimir's ASC from Bitcoincore.org
3. Downloaded bitcoin-0.17.1-win64-setup.exe
4. Downloaded SHA256SUMS.ASC from Bitcoincore.org
5. Verified SHA256SUMS.ASC was created with Wladimir's certificate via Kleopatra (*See below)
6. Obtain SHA256 hash of bitcoin-0.17.1-win64-setup.exe (**see below)
7. Confirm the SHA256 hash matches the SHA256 hash in the SHA256SUMS.ASC file (***see below)
*Signature created on Tuesday, 25 December 2018 7:03:05 PM
With certificate:
Wladimir J. van der Laan (Bitcoin Core binary release signing key) <
[email protected]> (90C8 019E 36C2 E964)
The used key is not certified by you or any trusted person
**\Bitcoin>certUtil -hashfile bitcoin-0.17.1-win64-setup.exe SHA256
SHA256 hash of bitcoin-0.17.1-win64-setup.exe:
fa1e80c5e4ecc705549a8061e5e7e0aa6b2d26967f99681b5989d9bd938d8467
CertUtil: -hashfile command completed successfully.
***fa1e80c5e4ecc705549a8061e5e7e0aa6b2d26967f99681b5989d9bd938d8467 bitcoin-0.17.1-win64-setup.exe
As far as I can tell this is correct, but step 5 has me a bit unsure, mainly due to the following:
I am led to believe that this message is correct, and that 'The data could not be verified' is simply a result of me having not verified Wladimir's key via Kleopatra.
Does all of this look correct?