I'm trying to verify the fingerprint of the Qubes Master signing Key (QMSK) however, I've run into some inconsistent output.
For example: Qubes Os website & web of trust shows after executing the following command: Gpg --fingerprint keyid
The following:
pub 4096R/36879494 2010-04-01 Key fingerprint = 427F 11FD 0FAA 4B08 0123 F01C DDFA 1A3E 3687 9494 uid Qubes Master Signing Key
However, when I'm executing the command there's a inconsistency with the pub, however the fingerprint is exactly the same. Here's my output:
pub rsa4096 2010-04-01 [SC] Key fingerprint = 427F 11FD 0FAA 4B08 0123 F01C DDFA 1A3E 3687 9494 uid [unknown] Qubes Master Signing Key
I understand the uid output "unknown" is because I haven't trusted the key yet, however I'm not sure if the pub part is telling me the key is authentic. After all the fingerprint is the exact same.
