> before my question, note that I have already decided to make a clean
> install, not actually upgrade. Will be more efficient, but wanted to pose
> the question anyway.
> So, I was initially planning on upgrading a VM step by step from 6.2 up to
> 6.7. Downloaded https://ftp.eu.openbsd.org/pub/OpenBSD/6.3/amd64/bsd.rd > (Norway mirror) and https://ftp.openbsd.org/pub/OpenBSD/6.3/amd64/SHA256.sig > (Canada, as I like to take them from different sources). I then ran:
> signify -C -p /etc/signify/openbsd-63-base.pub -x SHA256.sig bsd.rd
> which failed with "signify: invalid comment in SHA256.sig; must start with
> 'untrusted comment: '".
The format of the .sig files was changed in a very small way, intentionally,
way back then. You are hitting that issue.