+1 I additionally used a shell script (kindly provided on Christian Grobmeier blog[1]) to check signatures and output is OK Well done!!! Have a nice day, all the best, Simo
[1] http://www.grobmeier.de/checking-md5-and-signatures-with-a-shell-script-29062011.html $ ./verify.sh Checking file: ./commons-daemon-1.0.7.jar Using md5 file: ./commons-daemon-1.0.7.jar.md5 c3460b191a233c8ed4f7bd041a3b3cdf c3460b191a233c8ed4f7bd041a3b3cdf md5 checksums OK Checking file: ./commons-daemon-1.0.7.jar Using sha1 file: ./commons-daemon-1.0.7.jar.sha1 6177d189e62ac37bf136b6a35fd3ff4a5e8a183a 6177d189e62ac37bf136b6a35fd3ff4a5e8a183a sha1 checksums OK GPG verification output gpg: Signature made Tue Aug 2 06:51:18 2011 CEST using DSA key ID 564C17A3 gpg: Good signature from "Mladen Turk (*** DEFAULT SIGNING KEY ***) <mt...@apache.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 61B8 32AC 2F1C 5A90 F0F9 B00A 1C50 6407 564C 17A3 ~~~~~~~~~~~~~~~~~~~~~~~ Checking file: ./commons-daemon-1.0.7-bin.tar.gz Using md5 file: ./commons-daemon-1.0.7-bin.tar.gz.md5 b31ff577b101420d780271a7b055eab5 b31ff577b101420d780271a7b055eab5 md5 checksums OK Checking file: ./commons-daemon-1.0.7-bin.tar.gz Using sha1 file: ./commons-daemon-1.0.7-bin.tar.gz.sha1 ce5a26078e77ea38f53169f3938872c3d76e0a6e ce5a26078e77ea38f53169f3938872c3d76e0a6e sha1 checksums OK GPG verification output gpg: Signature made Tue Aug 2 06:51:32 2011 CEST using DSA key ID 564C17A3 gpg: Good signature from "Mladen Turk (*** DEFAULT SIGNING KEY ***) <mt...@apache.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 61B8 32AC 2F1C 5A90 F0F9 B00A 1C50 6407 564C 17A3 ~~~~~~~~~~~~~~~~~~~~~~~ Checking file: ./commons-daemon-1.0.7-bin.zip Using md5 file: ./commons-daemon-1.0.7-bin.zip.md5 8b978ce01ffac6eab97250df4cb528da 8b978ce01ffac6eab97250df4cb528da md5 checksums OK Checking file: ./commons-daemon-1.0.7-bin.zip Using sha1 file: ./commons-daemon-1.0.7-bin.zip.sha1 060bc3ce907522f58baf8a841865c41c8a3c0e25 060bc3ce907522f58baf8a841865c41c8a3c0e25 sha1 checksums OK GPG verification output gpg: Signature made Tue Aug 2 06:51:03 2011 CEST using DSA key ID 564C17A3 gpg: Good signature from "Mladen Turk (*** DEFAULT SIGNING KEY ***) <mt...@apache.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 61B8 32AC 2F1C 5A90 F0F9 B00A 1C50 6407 564C 17A3 http://people.apache.org/~simonetripodi/ http://www.99soft.org/ On Tue, Aug 2, 2011 at 7:28 AM, Phil Steitz <phil.ste...@gmail.com> wrote: > +1 > > Phil > > On 8/1/11 10:06 PM, Mladen Turk wrote: >> The proposed Apache Commons Daemon 1.0.7 release is now available >> for voting. >> >> It can be obtained from: >> http://people.apache.org/~mturk/daemon-1.0.7/ >> The svn tag is: >> https://svn.apache.org/repos/asf/commons/proper/daemon/tags/COMMONS_DAEMON_1_0_7_RC1/ >> >> >> The vote will last for 72 hours or less if enough votes are >> collected. >> As usual, if voted, the tag will be renamed to COMMONS_DAEMON_1_0_7. >> >> >> The proposed 1.0.7 release is: >> [ ] Stable - go ahead and release as 1.0.7 Stable >> [ ] Broken - do not release >> >> >> Regards > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
