The MacPorts installation guide says:
Download the latest MacPorts-2.3.1-….pkg installer from the MacPorts download directory. […]
Double-click the downloaded package installer to perform the default “easy” install.
In between steps 1 and 2, however, a user may wish to verify the integrity of the downloaded package, using the PGP signature file also found in the Macports download directory.
If SIGNATURE_FILE is the name of the signature file, I get the following result:
$ gpg --verify SIGNATURE_FILE
gpg: Signature made Thu 26 Jun 00:37:12 2014 BST using DSA key ID B4AAE6CD
gpg: Can't check signature: public key not found
Where can I find the public key? Google doesn't seem to know.
Best Answer
The key ID is B4AAE6CD, from your command output. You need to search and retrieve the key from a keyserver:
Then your verify command should work.