Return-Path: Delivered-To: apmail-db-jdo-commits-archive@www.apache.org Received: (qmail 77444 invoked from network); 20 Nov 2007 17:24:19 -0000 Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.2) by minotaur.apache.org with SMTP; 20 Nov 2007 17:24:19 -0000 Received: (qmail 30227 invoked by uid 500); 20 Nov 2007 17:24:06 -0000 Mailing-List: contact jdo-commits-help@db.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: jdo-dev@db.apache.org Delivered-To: mailing list jdo-commits@db.apache.org Received: (qmail 30216 invoked by uid 99); 20 Nov 2007 17:24:06 -0000 Received: from nike.apache.org (HELO nike.apache.org) (192.87.106.230) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Nov 2007 09:24:06 -0800 X-ASF-Spam-Status: No, hits=-100.0 required=10.0 tests=ALL_TRUSTED X-Spam-Check-By: apache.org Received: from [140.211.11.130] (HELO eos.apache.org) (140.211.11.130) by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 20 Nov 2007 17:24:06 +0000 Received: from eos.apache.org (localhost [127.0.0.1]) by eos.apache.org (Postfix) with ESMTP id E3C62D2D5 for ; Tue, 20 Nov 2007 17:23:44 +0000 (GMT) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Apache Wiki To: jdo-commits@db.apache.org Date: Tue, 20 Nov 2007 17:23:44 -0000 Message-ID: <20071120172344.18302.80609@eos.apache.org> Subject: [Jdo Wiki] Update of "KeysAtApache" by MichelleCaisse X-Virus-Checked: Checked by ClamAV on apache.org Dear Wiki user, You have subscribed to a wiki page or wiki category on "Jdo Wiki" for change notification. The following page has been changed by MichelleCaisse: http://wiki.apache.org/jdo/KeysAtApache The comment on the change is: minor corrections ------------------------------------------------------------------------------ == Uploading your public key == The [http://pgpkeys.mit.edu MIT public key server] is commonly used and provides a web form for uploading your key. You may also use the following command to upload keys: - {{{gpg send-keys --keyserver pgp.mit.edu }}} + {{{gpg --send-keys --keyserver pgp.mit.edu }}} [[Anchor(KEYS)]] Publish the public half of your key to the KEYS file checked into your project's code repository so that users can download it to verify the signatures later. To publish your key to the KEYS file, export the public half of your key into a plain text file, @@ -90, +90 @@ 1. Upload the signed key: - {{{gpg send-keys --keyserver pgp.mit.edu }}} + {{{gpg --send-keys --keyserver pgp.mit.edu }}} or, export it and email it to the signee to upload (KEYID below is the id of the signer): @@ -112, +112 @@ The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the particular distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using - % pgpk -a KEYS - % pgpv release_name.tar.gz.asc - or - % pgp -ka KEYS - % pgp release_name.tar.gz.asc - or - % gpg --import KEYS + {{{gpg --import KEYS}}} - % gpg --verify release_name.tar.gz.asc + {{{gpg --verify release_name.tar.gz.asc}}} Alternatively, you can verify the checksums on the files. Unix programs called md5/sha1 or md5sum/sha1sum are included in many unix distributions. *sum is also available as part of GNU Textutils. Windows users can get binary md5 programs from http://www.fourmilab.ch/md5 and hhttp://www.pc-tools.net/win32/freeware/console. Windows SlavaSoft fsum supports MD5 and SHA1.