incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christopher <ctubb...@apache.org>
Subject Re: [VOTE] Apache Fluo parent POM 1 and Build Resources 1.0.0
Date Mon, 08 Aug 2016 23:06:03 GMT
On Mon, Aug 8, 2016 at 6:29 PM John D. Ament <johndament@apache.org> wrote:

> +1 release contents look good.  Thank you for your due diligence on this
> release.
>
> I'll reply separately about the other comments, to not throw off this
> thread.
>
> Nitpick: Check your signature, may not be valid:
>
> gpg: WARNING: This key is not certified with a trusted signature!
>
> gpg:          There is no indication that the signature belongs to the
> owner.
>

That warning from gpg is not controllable by me. It's a warning about your
own local trust database. The warning indicates that you have not yet made
a determination of whether you trust my key or not. It usually follows the
message about the signature being valid (
https://www.gnupg.org/gph/en/manual/x334.html).

A fair number of folks have signed my key during previous ApacheCon
keysigning parties, so you may be able to trust my key transitively if you
trust one of theirs. Or, I think you can just set the trust level either
manually, or by signing it with your own key (maybe at the next ApacheCon
I'm able to attend).

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message