commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Craig L Russell <Craig.Russ...@Sun.COM>
Subject Re: [releasing] PGP keys for code signing
Date Wed, 06 May 2009 05:55:13 GMT
Not so good.

Here's what I get after downloading the two files:

[CraigRussell:~/Downloads] clr% gpg --verify commons-chain-1.2- 
gpg: Signature made Tue May  5 22:13:09 2009 PDT using DSA key ID  
gpg: Can't check signature: public key not found
[CraigRussell:~/Downloads] clr% gpg --recv-keys 42196CA8
gpg: requesting key 42196CA8 from hkp server
gpgkeys: key 42196CA8 not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0

I'm no expert but it doesn't appear like the DSA key can be checked by  
gpg like all the Apache releases.


On May 5, 2009, at 10:42 PM, Christian Grobmeier wrote:

>> Why not try creating a signature for an existing Commons release,  
>> e.g. IO?
>> Upload it to your home directory on people, along with the public  
>> key,
>> and some of us can see if it is usable.
> That would be great! Thanks!
> Here are the urls:
> Cheers,
> Christian
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

Craig L Russell
Architect, Sun Java Enterprise System
408 276-5638
P.S. A good JDO? O, Gasp!

View raw message