How to verify download of LibreWolf web browser?
 

Hi.

I downloaded LibreWolf-84.0.2-2.x86_64.AppImage and LibreWolf-84.0.2-2.x86_64.AppImage.sig. I can't see a way to verify it.

I tried this so far:

Output:
I take it that these are key? [pun intended]
https://librewolf-community.gitlab.io/keys/

Is this method correct?

Input:

Output:

I'm stumped. I don't see why the verification process is not more obvious.

Anyone know what to do next?

Thanks.

Try I do not understand the nuances and why sometimes it works without 0x and sometimes only with 0x. Without it, I wait an enormous time for the response, and sometimes it does not come. There should be no difference.

First I thought you could use the same syntax for User-IDs, but this turns out to be bull. Sorry to those who read my previous comment, which was just downright ... yeah (--search-keys followed by --recv-keys works).

Also, in ~/.gnupg/gpg.conf I use keyserver hkp://keys.gnupg.net.

As there are now several generations of keyservers implementing several technologies, and I have not yet sorted out what you must, what you can and what must be avoided, I recommend to use this same keyserver-setting.

Subscribed to the gnupg users mailing-list, which I have not read for several years, I stopped understanding anything a long time ago and find the exchanges rather frustrating nowadays.

If someone could add some background to all the aspects of retrieving keys with gpg --recv-keys I would be happy.