incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henk P. Penning" <penn...@uu.nl>
Subject Re: [VOTE] Release of Apache Crail-1.1-incubating [rc3]
Date Mon, 05 Nov 2018 10:59:42 GMT
On Mon, 5 Nov 2018, Justin Mclean wrote:

> Date: Mon, 5 Nov 2018 11:15:41 +0100
> From: Justin Mclean <justin@classsoftware.com>
> To: general@incubator.apache.org
> Subject: Re: [VOTE] Release of Apache Crail-1.1-incubating [rc3]

>> It is signed with an Apache email address:
>>
>> $ gpg --verify apache-crail-1.1-incubating-src.tar.gz.asc
>> gpg: assuming signed data in `apache-crail-1.1-incubating-src.tar.gz'
>> gpg: Signature made Fri 26 Oct 2018 12:50:58 PM CEST using RSA key ID AA557B11
>> gpg: Good signature from "Jonas Pfefferle <pepperjo@apache.org>”
>
> Odd I get:
> gpg: assuming signed data in 'apache-crail-1.1-incubating-bin.tar.gz'
> gpg: Signature made Fri 26 Oct 21:50:58 2018 AEDT
> gpg:                using RSA key 9C196C5FAA557B11
> gpg: Good signature from "Jonas Pfefferle <jpf@zurich.ibm.com>" [unknown]
>
> But it’s not a big issue or one that stops you making a release.

   On 2018-08-21 Pfefferle added uid "pepperjo@apache.org"
   and revoked (the selfsig on) uid "jpf@zurich.ibm.com".
   Maybe you didn't refresh the signing key before using "gpg --verify".

     gpg -v --refresh 0x9C196C5FAA557B11

   Hint: always use the two-argument --verify

     gpg --verify OBJ.asc OBJ

   If OBJ.asc is erroneously created with --sign [-s] instead of
   --detach-sign [-b], then the two-argument --verify gives an error.

> Justin

   Groeten,

   HPP

------------------------------------------------------------   _
Henk P. Penning, ICT-beta                 R Uithof MG-403    _/ \_
Faculty of Science, Utrecht University    T +31 30 253 4106 / \_/ \
Leuvenlaan 4, 3584CE Utrecht, NL          F +31 30 253 4553 \_/ \_/
http://www.staff.science.uu.nl/~penni101/ M penning@uu.nl     \_/

Mime
View raw message