Hi, I just tried to verify the artifact sign, I got these message:
gpg rocketmq-test-4.0.0-incubating-sources.jar.asc gpg: Signature made Tue Feb 7 17:17:14 2017 CST using RSA key ID C50AC1B1 gpg: Can't check signature: public key not found it looks like the public key is not upload the keyserver. You can upload the key to the key server here[1]. BTW the key that yukon uses is less than 2048 bit, it's better to choose a strong one as this suggested[2] [1]https://pgp.mit.edu/ [2]https://www.apache.org/dev/openpgp.html#generate-key Willem Jiang Blog: http://willemjiang.blogspot.com (English) http://jnn.iteye.com (Chinese) Twitter: willemjiang Weibo: 姜宁willem On Tue, Feb 7, 2017 at 7:24 PM, Justin Mclean <[email protected]> wrote: > Hi, > > Please put all non vote discussion here, rather than in the vote thread, > as it makes it easier to count and review votes. > > Thanks, > Justin
