db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Myrna van Lunteren" <m.v.lunte...@gmail.com>
Subject Re: up to signing but...
Date Sun, 17 Jun 2007 18:57:35 GMT
On 6/17/07, Bernt M. Johnsen <Bernt.Johnsen@sun.com> wrote:
> >>>>>>>>>>>> Myrna van Lunteren wrote (2007-06-17
08:52:34):
> > I am embarrassed to say, it appears I've misremembered my passphrase.
> >
> > Any suggestions on how to proceed?
>
> If you've lost your PGP passphrase, I think there's very little that
> can be done except to generate a new key (I don't think you can revoke
> the old key either, unless you generated a revocation certificate when
> you generated the key).
>
> I also noticed that your key was not signed by anyone excpet yourself:
>
> bernt@barbar:~$ gpg -kvv myrna
> gpg: using classic trust model
> pub   1024D/44236C9F 2007-04-25
> uid                  Myrna van Lunteren <m.v.lunteren@gmail.com>
> sig 3        44236C9F 2007-04-25  Myrna van Lunteren <m.v.lunteren@gmail.com>
> sub   2048g/A0D97033 2007-04-25
> sig          44236C9F 2007-04-25  Myrna van Lunteren <m.v.lunteren@gmail.com>
>
>
> I think I remember that it says somewhere that you need to get your
> key signed by some other (at least one) person in the "apache web of
> trust" before you sign an apache release with your key.
>
>
> Bernt
>
Thx Bernt for replying...I am certain I went through a little exercise
with Andrew where he was siging my key - at least I think that was the
purpose.
Apparently that went wrong.

I have already made a new key, not uploaded yet, my questions are:
- does that key need to be in the KEYS of the version you're trying to build?
- or, if we're assuming this is not a final build (which is what I've
been saying the last couple of days) can I put it out on the web for
testing without it being signed?

I'm now going ahead assuming this doesn't need to be signed yet if
it's not an official release.

Myrna

Mime
View raw message