Re: [jira] Created: (AMQ-2731) PGP Signature does not validate. The signing key is not located in the KEYS.txt

Wed, 12 May 2010 22:59:59 -0700 

I suggest using the mit key server.

I've added my long code signing key to the trunk and 5.3 branch KEYS files.  
Obviously I can't change the tag.

I lost my activemq jira credentials with the break-in and am not receiving 
password reset emails.  Anyone know how to fix this?  I asked on #infra once 
and no one seemed to know who had appropriate access.

thanks
david jencks

On May 12, 2010, at 5:53 PM, Erik (JIRA) wrote:

> PGP Signature does not validate. The signing key is not located in the 
> KEYS.txt
> -------------------------------------------------------------------------------
> 
>                 Key: AMQ-2731
>                 URL: https://issues.apache.org/activemq/browse/AMQ-2731
>             Project: ActiveMQ
>          Issue Type: Bug
>    Affects Versions: 5.3.2
>         Environment: Ubuntu Linux
>            Reporter: Erik
>            Priority: Minor
> 
> 
> The signing key for apache-activemq-5.3.2-bin.tar.gz is not located in the 
> KEYS.txt. The SHA1 hash does verify!
> 
> According to the website: 
> http://activemq.apache.org/activemq-532-release.html, the following commands 
> should verify the signature of apache-activemq-5.3.2-bin.tar.gz.
> 
> $ gpg --import KEYS.txt
> $ gpg --verify apache-activemq-5.3.2-bin.tar.gz.asc
> 
> Here is the output:
> $ gpg --import KEYS.txt
> gpg: key F5BA7E4F: "Hiram Chirino <[email protected]>" not changed
> gpg: key 56F3E01B: "David Jencks (geronimo) <[email protected]>" not 
> changed
> gpg: key 456DFEA9: "David M. Johnson (Dave Johnson) <[email protected]>" 
> not changed
> gpg: key 17AA5B25: "David Johnson <[email protected]>" not changed
> gpg: key 69CC103E: "Gary Tully (key for apache releases) 
> <[email protected]>" not changed
> gpg: key 2C983957: "Bruce Snyder <[email protected]>" not changed
> gpg: key 6852C7DA: "Dejan Bosanac <[email protected]>" not changed
> gpg: Total number processed: 7
> gpg:              unchanged: 7
> r...@s:/var/www# gpg --verify apache-activemq-5.3.2-bin.tar.gz.asc
> gpg: Signature made Mon 26 Apr 2010 03:24:47 PM PDT using RSA key ID A2F9E313
> gpg: Can't check signature: public key not found
> 
> -- 
> This message is automatically generated by JIRA.
> -
> You can reply to this email to add a comment to the issue online.
>

Reply via email to