Hi, I'm not sure you need your key "confirmed." I sign tomcat releases with my key and have had users verify the signatures without a problem, even though I never took extra steps to register my key anywhere or otherwise "confirm" it.
Yoav Shapira Millennium Research Informatics >-----Original Message----- >From: Gary Gregory [mailto:[EMAIL PROTECTED] >Sent: Tuesday, July 13, 2004 6:39 PM >To: Jakarta Commons Developers List >Subject: [general] signing releases. > >I am going through the steps [1] to release Commons-Codec 1.3 and I am >wondering at how strictly other components have been following the rules >WRT signing. > >In particular, in step 8 "Verify signatures.", I get the same results as >for my local copy of codec 1.3 as for lang 2.0 when I do the following: > ># gpg --verify commons-lang-2.0.tar.gz.asc commons-lang-2.0.tar.gz >gpg: Signature made Mon 01 Sep 2003 06:34:22 PM PDT using DSA key ID >61F3E6B3 >gpg: Good signature from "Henri Yandell (For signing Apache >distributions) " >gpg: checking the trustdb >gpg: no ultimately trusted keys found >gpg: WARNING: This key is not certified with a trusted signature! >gpg: There is no indication that the signature belongs to the >owner. >Primary key fingerprint: CEF6 F51A E081 BA36 7763 52F2 5094 C55A 61F3 >E6B3 > >So, is this good enough even with the WARNING? > >Thanks, >Gary > >[1] http://jakarta.apache.org/commons/releases/release.html > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] This e-mail, including any attachments, is a confidential business communication, and may contain information that is confidential, proprietary and/or privileged. This e-mail is intended only for the individual(s) to whom it is addressed, and may not be saved, copied, printed, disclosed or used by anyone else. If you are not the(an) intended recipient, please immediately delete this e-mail from your computer system and notify the sender. Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
