I downloaded the latest Windows installer for Bisq, but it failed to validate its signature:
The key fingerprint shown in this dialog didn’t appear to be available on any keyserver, and the signature of the public key provided on the download page doesn’t match this.
Where is the public key for this signature distributed?
That is the same key that is provided on the download page.
You can see that the name of that public key file is the same as last 8 hex-digits of that fingerprint.
Here’s the result in CLI:
$ gpg --fingerprint 29CDFD3B
pub rsa4096 2017-07-27 [SC] [expires: 2021-07-27]
CB36 D7D2 EBB2 E35D 9B75 500B CD5D C1C5 29CD FD3B
uid [ unknown] Christoph Atteneder email@example.com
sub rsa4096 2017-07-27 [E] [expires: 2021-07-27]
The key fingerprint is the one of Christoph Atteneder, who managed the last release (v0.8.0).