On 6/17/07, Bernt M. Johnsen <[EMAIL PROTECTED]> wrote:
>>>>>>>>>>>> Myrna van Lunteren wrote (2007-06-17 08:52:34):
> I am embarrassed to say, it appears I've misremembered my passphrase.
>
> Any suggestions on how to proceed?
If you've lost your PGP passphrase, I think there's very little that
can be done except to generate a new key (I don't think you can revoke
the old key either, unless you generated a revocation certificate when
you generated the key).
I also noticed that your key was not signed by anyone excpet yourself:
[EMAIL PROTECTED]:~$ gpg -kvv myrna
gpg: using classic trust model
pub 1024D/44236C9F 2007-04-25
uid Myrna van Lunteren <[EMAIL PROTECTED]>
sig 3 44236C9F 2007-04-25 Myrna van Lunteren <[EMAIL PROTECTED]>
sub 2048g/A0D97033 2007-04-25
sig 44236C9F 2007-04-25 Myrna van Lunteren <[EMAIL PROTECTED]>
I think I remember that it says somewhere that you need to get your
key signed by some other (at least one) person in the "apache web of
trust" before you sign an apache release with your key.
Bernt
Thx Bernt for replying...I am certain I went through a little exercise
with Andrew where he was siging my key - at least I think that was the
purpose.
Apparently that went wrong.
I have already made a new key, not uploaded yet, my questions are:
- does that key need to be in the KEYS of the version you're trying to build?
- or, if we're assuming this is not a final build (which is what I've
been saying the last couple of days) can I put it out on the web for
testing without it being signed?
I'm now going ahead assuming this doesn't need to be signed yet if
it's not an official release.
Myrna
