As Bertrand wrote: gpg: Signature made Mon Jun 25 23:11:21 2018 CEST using RSA key ID 22CC20CC > gpg: Good signature from "OpenWhisk Release Bot (Release of OpenWhisk) > <apacheopenwh...@gmail.com>" [unknown] >
The key does not appear to be verified. Further can we not use an @ apache.org email address vs this gmail id (who owns that)? -r
