I decided to install Gentoo and it is suggested to verify the cryptographic signature of downloaded files and the checksum. So I went through 100 pages of PGP4Win manual, trying to figured out how to import keys and validate the signature. I have managed to import the keys but I would need to know if it is OK that the signature appears to be in order only when I verify the key's fingerprint. When I just import keys, the signature is invalid.
Another weird thing was that when I compared the checksum of livecd.iso and digests.asc file with WinMD5 checksum was different, so does it mean that downloaded image is corrupted?
Thank you for help
