On Friday, August 14, 2015, Dennis E. Hamilton <dennis.hamil...@acm.org> wrote:
> Please provide an authoritative ASF location of the public key to use for > checking the signature. It would be something like a continuously verified > key on this list: <https://people.apache.org/keys/committer/>. (This > establishes both the name of the ASF committer who possesses the signature > and that the key has not been revoked.) ????? if you look there you will see my key. This is done automatically when you add your key to id.a.o > > How will that be made known to reviewers and downloaders of the Release > Candidate? well people.a.o/keys/committer is the official place, my key is furthermore uploaded on a couple of key servers. rgds jan i > > - Dennis > > ----- Failure Output ----- > Microsoft Windows [Version 10.0.10240] > (c) 2015 Microsoft Corporation. All rights reserved. > > C:\Program Files (x86)\GNU\GnuPG>gpg2 > d:\Apache\corinthia\rc\incubator-corinthia > _release_0.1.zip.asc > gpg: Signature made 08/14/15 02:51:06 Pacific Daylight Time using RSA key > ID 577 > E7412 > gpg: Can't check signature: No public key > > C:\Program Files (x86)\GNU\GnuPG> > > > > -- Sent from My iPad, sorry for any misspellings.
