commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig L Russell <Craig.Russ...@Sun.COM>
Subject Re: [releasing] PGP keys for code signing
Date Wed, 06 May 2009 14:43:08 GMT
Much better!

[CraigRussell:~/Downloads] clr% gpg --recv-keys 42196CA8
gpg: requesting key 42196CA8 from hkp server subkeys.pgp.net
gpg: key 42196CA8: public key "Christian Grobmeier (Apache  
Codesigning) <grobmeier@apache.org>" imported
gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
gpg: depth: 0  valid:   1  signed:  74  trust: 0-, 0q, 0n, 0m, 0f, 1u
gpg: depth: 1  valid:  74  signed:  26  trust: 17-, 26q, 0n, 0m, 31f, 0u
gpg: depth: 2  valid:  19  signed:   7  trust: 7-, 10q, 0n, 0m, 2f, 0u
gpg: next trustdb check due at 2009-05-09
gpg: Total number processed: 1
gpg:               imported: 1
[CraigRussell:~/Downloads] clr% gpg --verify commons-chain-1.2- 
bin.tar.gz.asc
gpg: Signature made Tue May  5 22:13:09 2009 PDT using DSA key ID  
42196CA8
gpg: Good signature from "Christian Grobmeier (Apache Codesigning) <grobmeier@apache.org

 >"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the  
owner.
Primary key fingerprint: 9D23 5338 96A9 7847 0358  5B62 86E0 2C5A 4219  
6CA8

I'd vote for this signature being valid to sign releases. Only  
incubator releases right now, since it hasn't been signed by the  
Apache WOT. That can be fixed at a Sign-a-Thon. ;-)

Craig

On May 5, 2009, at 11:35 PM, Christian Grobmeier wrote:

>> gpg: Can't check signature: public key not found
>> [CraigRussell:~/Downloads] clr% gpg --recv-keys 42196CA8
>> gpg: requesting key 42196CA8 from hkp server subkeys.pgp.net
>> gpgkeys: key 42196CA8 not found on keyserver
>
> Thanks, i sent it to several keyservers now :-)
> Can you try again?
>
> Christian
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
> For additional commands, e-mail: dev-help@commons.apache.org
>

Craig L Russell
Architect, Sun Java Enterprise System http://db.apache.org/jdo
408 276-5638 mailto:Craig.Russell@sun.com
P.S. A good JDO? O, Gasp!


Mime
View raw message