Totally doable for the artifacts you put up in dist Joe. Basically just replacing the asc file. I'd recommend not worrying about it for the staged maven artifacts.
On Mon, Jul 11, 2016 at 2:34 PM, Tony Kurc <trk...@gmail.com> wrote: > Would it be appropriate to regenerate the signatures? I think Joe Witt may > have done something similar recently without cancelling the RC. > > > On Mon, Jul 11, 2016 at 2:05 PM, Joe Percivall < > joeperciv...@yahoo.com.invalid> wrote: > >> @Tony - I apologize, I did not. I must have accidentally overlooked that >> section of the Release Signing page. I just added the proper configuration >> to my gpg.conf file. >> >> Thank you for pointing it out, >> Joe >> - - - - - - >> Joseph Percivall >> linkedin.com/in/Percivall >> e: joeperciv...@yahoo.com >> >> >> >> >> On Monday, July 11, 2016 1:37 PM, Tony Kurc <trk...@gmail.com> wrote: >> @JoePercivall - did you go through the steps to avoid SHA1 for signing [1]? >> >> When verifying (with verbose) the nifi-0.7.0-source-release.zip.asc, I got >> this in the output: >> >> gpg: binary signature, digest algorithm SHA1 >> >> 1. http://www.apache.org/dev/openpgp.html#sha1 >> >> >> On Mon, Jul 11, 2016 at 12:50 PM, James Wing <jvw...@gmail.com> wrote: >> >> > +1 (non-binding) >> > >> > I ran through the release helper and lightly tested the generated binary. >> > >> > >> > On Sat, Jul 9, 2016 at 11:47 AM, Joe Percivall < >> > joeperciv...@yahoo.com.invalid> wrote: >> > >> > > Hello Apache NiFi Community, >> > > >> > > I am pleased to be calling this vote for the source release of Apache >> > NiFi, >> > > nifi-0.7.0. >> > > >> > > The source zip, including signatures, digests, etc. can be found at: >> > > https://repository.apache.org/content/repositories/orgapachenifi-1088/ >> > > The Git tag is nifi-0.7.0-RC2 >> > > The Git commit hash is f5629062c5e2a6c55fb62255aee74c4f25d93e7b >> > > * >> > > >> > >> https://git-wip-us.apache.org/repos/asf?p=nifi.git;a=commit;h=f5629062c5e2a6c55fb62255aee74c4f25d93e7b >> > > * >> > > >> > >> https://github.com/apache/nifi/commit/f5629062c5e2a6c55fb62255aee74c4f25d93e7b >> > > >> > > Checksums of nifi-0.7.0-source-release.zip: >> > > MD5: 3a6af39c481fb0ad3eab5a4ea1a954fd >> > > SHA1: 33e16b0a73242ddda91f89591c82aa5d6e9c8d21 >> > > SHA256: >> 56ab3132c1fef31dcf50b716b8e08272075f92e476849360280822e0cdc3e993 >> > > >> > > Release artifacts are signed with the following key: >> > > https://people.apache.org/keys/committer/jpercivall >> > > KEYS file available here: >> > > https://dist.apache.org/repos/dist/release/nifi/KEYS >> > > >> > > 138 issues were closed/resolved for this release: >> > > >> > > >> > >> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12316020&version=12335078 >> > > Release note highlights can be found here: >> > > >> > > >> > >> https://cwiki.apache.org/confluence/display/NIFI/Release+Notes#ReleaseNotes-Version0.7.0 >> > > >> > > The vote will be open for 72 hours. >> > > Please download the release candidate and evaluate the necessary items >> > > including checking hashes, signatures, build from source, and test. >> Then >> > > please vote: >> > > >> > > [ ] +1 Release this package as nifi-0.7.0 >> > > [ ] +0 no opinion >> > > [ ] -1 Do not release this package because... >> > > >> > > Thanks! >> > > >> > >>
