Hi,
I will register a new key and then give it to you for verification. And I will write this note in 'how to' Thanks --- Dawei Liu On 04/16/2020 10:57,Xiangdong Huang<[email protected]> wrote: Hi Dawei, And I think let someone endorse your key is important. Now, if we verify your signature, we the the following message: gpg2 --verify apache-iotdb-0.9.2-incubating-bin.zip.asc apache-iotdb-0.9.2-incubating-bin.zip gpg: Signature made 一 4/13 20:05:10 2020 CST gpg: using RSA key 2BC8DB6EA486F8DFCD3B99D1A8155051CE34C389 gpg: checking the trustdb gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 2 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 2u gpg: depth: 1 valid: 1 signed: 0 trust: 1-, 0q, 0n, 0m, 0f, 0u gpg: Good signature from "刘大伟 <[email protected]>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 2BC8 DB6E A486 F8DF CD3B 99D1 A815 5051 CE34 C389 Notice the two sentences: gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Best, ----------------------------------- Xiangdong Huang School of Software, Tsinghua University 黄向东 清华大学 软件学院 Willem Jiang <[email protected]> 于2020年4月16日周四 上午10:55写道: It's better to fix the key issue in this release, otherwise we still need to keep the problem key for a very long time. Willem Jiang Twitter: willemjiang Weibo: 姜宁willem On Thu, Apr 16, 2020 at 10:37 AM Dawei Liu <[email protected]> wrote: Hi Willem, I'm not sure if I need to create a new key. Can you help me make a decision Thanks --- Dawei Liu On 04/16/2020 10:34,Willem Jiang<[email protected]> wrote: If Dawei provide a new key , we need to consider to create a new signed kit and start a new vote again. Willem Jiang Twitter: willemjiang Weibo: 姜宁willem On Thu, Apr 16, 2020 at 10:26 AM Xiangdong Huang <[email protected]> wrote: Hi Dawei, I'm not sure... I think ASF does not care whether you use your Chinese name in your pgp key. If it can work well in all persons' computers, then it is ok. It works well on my MacOS by using `gpg2 --verify`. I do not know if there is any problem on other environment. By the way, can you contact me in private? No one sign your key now. I can sign your key (after you decide whether create a new one). Best, ----------------------------------- Xiangdong Huang School of Software, Tsinghua University 黄向东 清华大学 软件学院 Dawei Liu <[email protected]> 于2020年4月16日周四 上午10:19写道: Hi, The same problem has been found on many people's computers. I don't know whether this problem conforms to the principles of apache. Do I need to change the name of my key? Thanks --- Dawei Liu On 04/16/2020 10:10,Xiangdong Huang<[email protected]> wrote: Hi, I do not know whether it may cause errors in non-Chinese OS. So, I'd like to suggest you using English or Pinyin. OK... maybe it is not a big problem. At least it works on my MacOS. Best, ----------------------------------- Xiangdong Huang School of Software, Tsinghua University 黄向东 清华大学 软件学院 Xiangdong Huang <[email protected]> 于2020年4月16日周四 上午9:43写道: Hi, I open a thread to discuss about the release vote. @Da wei, it is better to open a new thread for discussion attached a vote thread. I checked the KEYS, and find your KEY name is in Chinese: uid [ 绝对 ] 刘大伟 <[email protected]> sig 3 A8155051CE34C389 2020-03-07 刘大伟 <[email protected]> sub rsa4096 2020-03-07 [E] In Chrome (or some non-Chinese environments), it looks like : uid [ ç» å¯¹ ] 刘大伟 <[email protected]> sig 3 A8155051CE34C389 2020-03-07 刘大伟 <[email protected]> I do not know whether it may cause errors in non-Chinese OS. So, I'd like to suggest you using English or Pinyin. Best, ----------------------------------- Xiangdong Huang School of Software, Tsinghua University 黄向东 清华大学 软件学院
