going nuts with rpm --checksig / gpg, works on suse 7.3, doesnt work on suse 8.0

hi all, gpg / rpm --checksig are driving me crazy.... i have two systems... suse 7.3 the one, suse 8.0 the other... i have downloaded to both systems the latest webmin 1.060 webmin-1.060-1.noarch.rpm, and they gpg/pgp key from the author http://switch.dl.sourceforge.net/sourceforge/webadmin/webmin-1.060-1.noarch.... http://www.webmin.com/jcameron-key.asc the problem is, the one system gives me errors when rpm --checksig webmin-1.060-1.noarch.rpm the other system works fine... both have gpg installed and i have imported the public key of the webmin author... i dont see any difference... see here: the correctly working system (suse 7.3) # gpg --list-keys -v /root/.gnupg/pubring.gpg ------------------------ gpg: NOTE: signature key 9C800ACA expired Sat Oct 19 15:17:53 2002 CEST pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key gpg: NOTE: signature key 9C800ACA expired Sat Oct 19 15:17:53 2002 CEST sig 9C800ACA 2000-10-19 SuSE Package Signing Key sub 2048g/8495160C 2000-10-19 [expires: 2002-10-19] sig 9C800ACA 2000-10-19 SuSE Package Signing Key pub 1024D/11F63C51 2002-02-28 Jamie Cameron sig 11F63C51 2002-02-28 Jamie Cameron sub 1024g/1B24BE83 2002-02-28 sig 11F63C51 2002-02-28 Jamie Cameron --------------- then rpm: # rpm --checksig webmin-1.060-1.noarch.rpm -v webmin-1.060-1.noarch.rpm: MD5 sum OK: 547eb528952c96eec64ae3910e9c5aa5 gpg: Signature made Wed Feb 5 00:48:41 2003 CET using DSA key ID 11F63C51 gpg: Good signature from "Jamie Cameron " gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. gpg: Fingerprint: 1719 003A CE3E 5A41 E2DE 70DF D97A 3AE9 11F6 3C51 everything fine here, signature's been correctly checked on the suse 7.3 system... ------------------------------------------------------------------------- ------------------------------------------------------------------------- now in contrast the suse 8.0 system: # gpg --list-keys -v /root/.gnupg/pubring.gpg ------------------------ pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team sig B1CA3C45 1999-03-06 [User id not found] sig 3D25D3D9 1999-03-06 SuSE Security Team sig 000AABA4 2001-06-06 [User id not found] sig CEFC9215 1999-08-15 [User id not found] sig B0DFF780 2000-11-21 [User id not found] pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key sig 9C800ACA 2000-10-19 SuSE Package Signing Key sig 000AABA4 2001-01-25 [User id not found] sig 3D25D3D9 2001-01-25 SuSE Security Team sig 9C800ACA 2002-02-13 SuSE Package Signing Key sub 2048g/8495160C 2000-10-19 [expires: 2006-02-12] sig 9C800ACA 2000-10-19 SuSE Package Signing Key sig 9C800ACA 2002-02-13 SuSE Package Signing Key pub 1024D/AFB66D7C 2002-04-28 fou4s build key sig AFB66D7C 2002-04-28 fou4s build key sub 1024g/8B6432D7 2002-04-28 sig AFB66D7C 2002-04-28 fou4s build key pub 1024D/11F63C51 2002-02-28 Jamie Cameron sig 11F63C51 2002-02-28 Jamie Cameron sub 1024g/1B24BE83 2002-02-28 sig 11F63C51 2002-02-28 Jamie Cameron ------------- now the rpm output: rpm -v --checksig webmin-1.060-1.noarch.rpm webmin-1.060-1.noarch.rpm: MD5 sum OK: 547eb528952c96eec64ae3910e9c5aa5 gpg: Signature made Wed Feb 5 00:48:41 2003 CET using DSA key ID 11F63C51 gpg: Can't check signature: public key not found ---------------- jeez... am i stupid or not seeing the problem here? what the heck.... the pub key of jcameron@webmin.com is there on both systems... so what the heck is wrong here??? the md5 hash key is the very same on both systems, so the downloaded files are exactly the same... so why the heck cant suse 8.0 verify the file then???? can anyone help?? thanks and regards, andy