flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Justin Mclean <jus...@classsoftware.com>
Subject Re: [DISCUSS] Discuss Release Apache Flex PixelBender Package 1.0.0 (RC4)
Date Wed, 08 Jan 2014 01:21:46 GMT

The signatures are fine as far as I can see - other than not being in the web of trust as
as the files came from a trusted location that's OK.

This is what I get:
justinmclean$ gpg --verify apache-flex-sdk-pixel-bender-1.0.0-src.zip.asc
gpg: Signature made Tue  7 Jan 05:53:19 2014 EST using RSA key ID DA9CCFF2
gpg: Good signature from "Alex Harui (CODE SIGNING KEY) <aharui@apache.org>"
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the owner.
Primary key fingerprint: E7F7 B7D4 944C AC45 7A14  C0E9 83E0 431C DA9C CFF2


View raw message