On Mon, Nov 16, 2015 at 05:48:03PM -0500, Richard Heck wrote: > On 11/16/2015 05:39 PM, Scott Kostyshak wrote: > > On Mon, Nov 16, 2015 at 10:59:09AM +0100, Stephan Witt wrote: >> Am > > 14.11.2015 um 20:24 schrieb Scott Kostyshak <skost...@lyx.org>: > >> >>> Dear all, >>> >>> If you have time, please download the LyX > 2.2.0alpha1 tar and test that >>> it compiles/installs as expected. It > is located here: >>> >>> > ftp://ftp.lyx.org/pub/lyx/devel/lyx-2.2/lyx-2.2.0alpha1/ >>> >>> Also if > you can, please check that it verifies correctly. This is my >>> first > time signing a tar ball. >> >> The signature is ok. The build on Mac OS > X works. > > Thanks for checking these. > >> I've uploaded the result > here: >> >> > https://dl.dropboxusercontent.com/u/27842660/LyX-2.2.0alpha1%2Bqt5-x86_64-cocoa.dmg > >> > https://dl.dropboxusercontent.com/u/27842660/LyX-2.2.0alpha1%2Bqt5-x86_64-cocoa.dmg.sig > >> >> I've used Qt 5.5.1 to build it. > > Good choice. > > The key you > used to sign expired a year and a half ago: > > $ gpg --verify *sig > > gpg: assuming signed data in `LyX-2.2.0alpha1+qt5-x86_64-cocoa.dmg' > > gpg: Signature made Mon 16 Nov 2015 04:09:30 AM EST using RSA key ID > > EE614DC4 > gpg: Good signature from "LyX on Mac OS X (Signing LyX disk > images) > <sw...@lyx.org>" > gpg: Note: This key has expired! > Primary > key fingerprint: 4154 4A61 DBB7 7561 47C1 DD4F A149 7996 EE61 > 4DC4 > > $ > > Is this a problem? > I imagine it is not a problem for alpha, and > that I should go ahead and > upload your .dmg but I wanted to check first. > > Just to be clear: You should resign this with the LyX key. Stephan's > signature is only to guarantee to you that the binary is valid and from him.
Ah thanks for pointing this out. I actually did not know that. I will resign. Scott
signature.asc
Description: PGP signature
