-1
I am unable to verify the gpg signatures. When verifying all of the .asc files I
get the error:
gpg: Signature made Thu 06 Jun 2024 01:42:36 PM EDT
gpg: using RSA key 4B6A956D3ED3650268802E37274B8F1413A680AF
gpg: Can't check signature: No public key
I don't see this key in our KEYS file, and this doesn't match D87AD4BD985035CD
mentioned in the VOTE email. Is this the wrong key?
On 2024-06-06 02:38 PM, Mike Beckerle wrote:
Hi all,
I'd like to call a vote to release Apache Daffodil 3.8.0-rc1.
All distribution packages, including signatures, digests, etc. can be found at:
https://dist.apache.org/repos/dist/dev/daffodil/3.8.0-rc1/
Staging artifacts can be found at:
https://repository.apache.org/content/repositories/orgapachedaffodil-1042/
This release has been signed with PGP key D87AD4BD985035CD,
corresponding to mbecke...@apache.org, which is included in the KEYS
file here: https://downloads.apache.org/daffodil/KEYS
The release candidate has been tagged in git with v3.8.0-rc1.
For reference, here is a list of all resolved JIRA issues tagged with
3.8.0: https://s.apache.org/daffodil-issues-3.8.0
For a summary of the changes in this release, see:
https://daffodil.apache.org/releases/3.8.0/
Please review and vote.
The vote will be open for at least 72 hours (Tuesday, 11 June 2024,
3pm EDT.US).
[ ] +1 approve
[ ] +0 no opinion
[ ] -1 disapprove (and reason why)
