While it’s preferred that KEYS are signed it’s not required. The last Apache key signing party was at Apachecon Las Vegas in 2019. Here’s looking forward to the next one. Bring your government ids.
Regards, Dave Sent from my iPhone > On Feb 16, 2022, at 6:11 PM, PengHui Li <peng...@apache.org> wrote: > > Hi Michael, > > Please check your key > > ``` > gpg: assuming signed data in 'apache-pulsar-2.8.3-bin.tar.gz' > gpg: Signature made Wed Feb 16 04:49:42 2022 CST > gpg: using RSA key BD4291E509D771B79E7BD1F5C5724B3F5588C4EB > gpg: Good signature from "Michael Marshall <mmarsh...@apache.org>" [unknown] > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the > owner. > ``` > > I think it should be an issue that the key does not been signed? I'm not > sure. > > Thanks, > Penghui > >> On Thu, Feb 17, 2022 at 9:56 AM PengHui Li <peng...@apache.org> wrote: >> >> +1 (binding) >> >> - Checked the signature >> - Start the standalone >> - Publish and consume messages >> - Check the Cassandra connector >> - Check the stateful function >> >> Thanks for the great work, >> Penghui >> >> On Wed, Feb 16, 2022 at 12:35 PM Michael Marshall <mmarsh...@apache.org> >> wrote: >> >>> This is the second release candidate for Apache Pulsar, version 2.8.3. >>> >>> It fixes the following issues: >>> https://github.com/apache/pulsar/compare/v2.8.2...v2.8.3-candidate-2 >>> >>> *** Please download, test and vote on this release. This vote will stay >>> open >>> for at least 72 hours *** >>> >>> Note that we are voting upon the source (tag), binaries are provided for >>> convenience. >>> >>> Source and binary files: >>> https://dist.apache.org/repos/dist/dev/pulsar/pulsar-2.8.3-candidate-2/ >>> >>> SHA-512 checksums: >>> >>> >>> aa9fb934260e158fe6a30208324459dd747d32fbb52ee61a28a322c6161f3e21d2e97f61118ee0e82488720f7c7787233949ef9eb80567b83896f08b12c54090 >>> ./apache-pulsar-2.8.3-bin.tar.gz >>> >>> 47747e2cdc323c00fcdd08c537c77f355a94fbfaee77789718cb70e52726b7084522a842505e7eff1c1be26fddc850f2134d400a803854286ac8ea2f7cada121 >>> ./apache-pulsar-2.8.3-src.tar.gz >>> >>> Unofficial Docker images: >>> michaelmarshall/pulsar:2.8.3-rc2 >>> michaelmarshall/pulsar-all:2.8.3-rc2 >>> michaelmarshall/pulsar-standalone:2.8.3-rc2 >>> michaelmarshall/pulsar-grafana:2.8.3-rc2 >>> >>> Maven staging repo: >>> https://repository.apache.org/content/repositories/orgapachepulsar-1140/ >>> >>> The tag to be voted upon: >>> v2.8.3-candidate-2 (83a522f3a17d41eb3727ffee67cdf035e8ea471b) >>> https://github.com/apache/pulsar/releases/tag/v2.8.3-candidate-2 >>> >>> Pulsar's KEYS file containing PGP keys we use to sign the release: >>> https://dist.apache.org/repos/dist/dev/pulsar/KEYS >>> >>> Please download the source package, and follow the README to build >>> and run the Pulsar standalone service. >>> >>
