Not sure what is happening here, but I was able to use a new key (generated with gpg2) to sign a release recently using gpg. For me, gpg is 1.4.9 and gpg2 is 2.0.12 (different command line arguments)
On 29/11/2009, at 9:41 AM, David Jencks wrote: > Recently I followed the apache advice to update my code signing key to 4096 > bits, see http://www.apache.org/dev/openpgp.html As part of that effort I > installed MacGPG2-2.0.12 as the most likely version of gpg 2.0.12 for a mac. > Although documentation seems a bit sparse I think I started the gpg agent as > well. > > Running a release I see a message at every signing opportunity > > gpg: WARNING: "--no-use-agent" is an obsolete option - it has no effect > > You need a passphrase to unlock the secret key for > user: "David Jencks (CODE SIGNING KEY) <[email protected]>" > 4096-bit RSA key, ID A2F9E313, created 2009-11-25 > > and every hour or so (??) a dialog box pops up for me to supply the > passphrase (it was a long build). This never happened before I updated gpg, > the passphrase in my settings.xml was used. > > We are using the apache 6 parent pom which specifies the 1.0-alpha-4 version > of this plugin. > > Anyone have an idea what is going on? > > thanks > david jencks > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
