• divi (15/15) May 21 2020 $ curl -fsS https://dlang.org/install.sh | bash -s dmd
• sebasg (7/25) May 22 2020 Currently, that key is not part of the publicly known keys and is
• sebasg (12/18) May 22 2020 Wrong, it's actually there, a subkey:
• Seb (12/27) May 22 2020 I think what's happening is that your local keyring is outdated.
• divi (2/15) May 22 2020 Excellent, that worked. Thanks!

divi <a b5.re> writes:

$ curl -fsS https://dlang.org/install.sh | bash -s dmd
Downloading and unpacking 
http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz

gpg: checking the trustdb
gpg: marginals needed: 3  completes needed: 1  trust model: pgp
gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 
0f, 1u
gpg: next trustdb check due at 2022-03-12
gpg: Signature made Mon 11 May 2020 16:54:29 BST
gpg:                using RSA key 
3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
gpg: Can't check signature: No public key
Invalid signature 
http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz.sig

sebasg <bzwf3xxbmp b27bs.anonbox.net> writes:

On Thursday, 21 May 2020 at 18:14:19 UTC, divi wrote:
 $ curl -fsS https://dlang.org/install.sh | bash -s dmd
 Downloading and unpacking 
 http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz

 gpg: checking the trustdb
 gpg: marginals needed: 3  completes needed: 1  trust model: pgp
 gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 
 0f, 1u
 gpg: next trustdb check due at 2022-03-12
 gpg: Signature made Mon 11 May 2020 16:54:29 BST
 gpg:                using RSA key 
 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
 gpg: Can't check signature: No public key
 Invalid signature 
 http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz.sig

 gpg:                using RSA key 
 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
 gpg: Can't check signature: No public key

Currently, that key is not part of the publicly known keys and is 
not in the provided
keyring: https://dlang.org/gpg_keys.html

Maybe it's a new release-signing key and the keyring hasn't been 
updated yet.
Or maybe something worse.

sebasg <bvccj3ah2k b27bs.anonbox.net> writes:

On Friday, 22 May 2020 at 10:05:54 UTC, sebasg wrote:
 Currently, that key is not part of the publicly known keys and 
 is not in the provided
 keyring: https://dlang.org/gpg_keys.html

 Maybe it's a new release-signing key and the keyring hasn't 
 been updated yet.
 Or maybe something worse.

Wrong, it's actually there, a subkey:

pub   rsa4096 2020-03-12 [SC] [expires: 2022-03-12]
       F46A 10D0 AB44 C3D1 5DD6  5797 BCDD 73FF C3EB 6146
uid           [ unknown] Martin Nowak <code dawg.eu>
uid           [ unknown] Martin Nowak 
<martin.nowak 7learnings.com>
uid           [ unknown] Martin Nowak <martin dlang.org>
sub   rsa4096 2020-03-12 [E] [expires: 2022-03-12]
       B926 14C2 1EC5 779D C678  468E 9A81 3AD3 C115 08BC
sub   rsa4096 2020-03-12 [S] [expires: 2022-03-12]
       3AAF 1A18 E61F 6FAA 3B71  93E4 DB8C 5218 B932 9CF8

Seb <seb wilzba.ch> writes:

On Thursday, 21 May 2020 at 18:14:19 UTC, divi wrote:
 $ curl -fsS https://dlang.org/install.sh | bash -s dmd
 Downloading and unpacking 
 http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz

 gpg: checking the trustdb
 gpg: marginals needed: 3  completes needed: 1  trust model: pgp
 gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 
 0f, 1u
 gpg: next trustdb check due at 2022-03-12
 gpg: Signature made Mon 11 May 2020 16:54:29 BST
 gpg:                using RSA key 
 3AAF1A18E61F6FAA3B7193E4DB8C5218B9329CF8
 gpg: Can't check signature: No public key
 Invalid signature 
 http://downloads.dlang.org/releases/2.x/2.092.0/dmd.2.092.0.linux.tar.xz.sig

I think what's happening is that your local keyring is outdated. 
The install script doesn't automatically update the keyring (nor 
warns you about the keyring being outdated). Unfortunately a 
well-known bug/problem/limitation.

You probably ran the install script at some point in the past and 
it created ~/dlang/d-keyring.gpg.
The fix should be to run this:

$ ~/dlang/install.sh update

This will result in the script updating itself and the keyring.

(The install script from prior runs gets installed at 
~/dlang/install.sh)

divi <a b5.re> writes:

On Friday, 22 May 2020 at 11:56:57 UTC, Seb wrote:
 On Thursday, 21 May 2020 at 18:14:19 UTC, divi wrote:
 [...]

 I think what's happening is that your local keyring is 
 outdated. The install script doesn't automatically update the 
 keyring (nor warns you about the keyring being outdated). 
 Unfortunately a well-known bug/problem/limitation.

 You probably ran the install script at some point in the past 
 and it created ~/dlang/d-keyring.gpg.
 The fix should be to run this:

 $ ~/dlang/install.sh update

 This will result in the script updating itself and the keyring.

 (The install script from prior runs gets installed at 
 ~/dlang/install.sh)

Excellent, that worked. Thanks!