On Mon, 2006-12-11 at 11:12 -0500, Rahul Akolkar wrote: > On 12/11/06, Mario Ivankovits <[EMAIL PROTECTED]> wrote: > > Hi Robert! > > > release candidate 4 is available @ > > > http://people.apache.org/~rdonkin/commons-betwixt/ and the site @ > > > http://people.apache.org/~rdonkin/commons-betwixt/site/ > > > > > I've updated my gpg key store using "gpg ---refresh-keys" and got your > > now key (at least it looks like). > > Then I tried to check the sig: > > > > # gpg --verify commons-betwixt-0.8-RC4.tar.gz.asc > > commons-betwixt-0.8-RC4.tar.gz > > gpg: Signature made So 10 Dez 2006 16:52:55 CET using DSA key ID 7D0D4DED > > gpg: BAD signature from "Robert Burrell Donkin (CODE SIGNING KEY) > > <[EMAIL PROTECTED]>"
yeh: it's bad > > Any idea why its BAD? i was in a rush and didn't bother double checking them :-/ > > The md5 sum is correct. > > > <snip/> > > I looked around for a couple of minutes, but couldn't find the key > (tried the MIT server with "Robert Donkin", needs to be the email address (rdonkin same as apache id) > betwixt trunk and RC URL). Please point me to the key. http://www.apache.org/dist/jakarta/commons/betwixt/KEYS > Also, I personally favor (now) the style with which we've made the > last four releases out of Commons (final artifact versions, no need to > rebuild artifacts after vote). I'm generally plus zero (spelling it > out so its not confused with a vote) to the older style, such as this > vote. i seem to remember bad experiences with leakages to ibiblio long ago but if this isn't a probably any more, i'd prefer to vote on artifacts. however, i haven't really kept up on the current fashions in the commons so i'm not sure what the current consensus is. what i'll do is keep this thread running for those who prefer to vote on candidates. if there are too few votes, i'll cut a release and people can vote on that instead. - robert --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
