The Royale keys file is in this folder: URL: https://dist.apache.org/repos/dist/release/royale
If you run: gpg --armor --export yishayw It should dump the public key to the console. It should look like: -----BEGIN PGP PUBLIC KEY BLOCK----- Comment: GPGTools - http://gpgtools.org mQINBE/I8a4BEADdwvM00n8ONYffYsKF99gX/U+4XwsQIecpPUr/s/bpc0OOp/1m ... (many lines of characters) -----END PGP PUBLIC KEY BLOCK----- If you run: gpg --list-sigs yishayw It should dump something like this: pub 4096R/DA9CCFF2 2013-12-17 Key fingerprint = E7F7 B7D4 944C AC45 7A14 C0E9 83E0 431C DA9C CFF2 uid Yishay.... sub 4096R/BDBEDCEA 2013-12-17 Make sure the pub and sub start with 4096 or higher. If both are good, then that output gets appended to KEYS. Open the KEYS file to see how it looks. If you want you can use ">>" on the command line to append to KEYS. Please run a diff before committing to make sure nothing else got changed. AFAIK, apache does not run/host a keyserver. A few other places do and it is recommended but not required to upload your key to a key server so others can find it should they need it. But many people will just import the KEYS file instead. Two key servers are linked to on this page: https://infra.apache.org/release-signing.html#keyserver FWIW, you are asking all of the same questions I had many years ago so you are on the right track. HTH, -Alex On 4/13/20, 10:26 AM, "Yishay Weiss" <[email protected]> wrote: Hi Andrew, It’s not clear to me from our docs [1] what the equivalent of –keyserver is as described in this doc [2]. Alex, I don’t understand how to manually copy a file. Under which repo is it? [1] https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Finfra.apache.org%2Frelease-signing.html%23keyserver-upload&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117877217&sdata=KjdwYfS%2FSJdgRUK3WO%2F9YYvRIXK9gRkYgVy9uSttZGY%3D&reserved=0 [2] https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.gnupg.org%2Fgph%2Fen%2Fmanual%2Fx457.html&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117877217&sdata=Eke6eB4mmQZQaI5O8CfUf%2BgJNuX815%2FtiiJ4Lc2xwdk%3D&reserved=0 From: Andrew Wetmore<mailto:[email protected]> Sent: Monday, April 13, 2020 7:27 PM To: Apache Royale Development<mailto:[email protected]> Subject: Re: Add Key to Royale Key Server For my sins, I am responsible for maintaining that document. Please let me know if parts are unclear or inaccurate/ Andrew <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.avast.com%2Fsig-email%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Dwebmail&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117877217&sdata=QUFKf7cFHV1kCvTNVnYOfKnCXdanlw0G%2Fg7P1bgmA%2BI%3D&reserved=0> Virus-free. https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avast.com%2F&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117877217&sdata=F%2Fe6kf8WOg5J97VR1tLsoOwPX2Ao%2FLyiDu7xqB3PaSo%3D&reserved=0<https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.avast.com%2F&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117877217&sdata=F%2Fe6kf8WOg5J97VR1tLsoOwPX2Ao%2FLyiDu7xqB3PaSo%3D&reserved=0> <https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.avast.com%2Fsig-email%3Futm_medium%3Demail%26utm_source%3Dlink%26utm_campaign%3Dsig-email%26utm_content%3Dwebmail&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117877217&sdata=QUFKf7cFHV1kCvTNVnYOfKnCXdanlw0G%2Fg7P1bgmA%2BI%3D&reserved=0> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> On Mon, Apr 13, 2020 at 1:08 PM Alex Harui <[email protected]> wrote: > What documentation steps are you trying to follow? Are you using: > > [1] https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Finfra.apache.org%2Frelease-signing.html%23key-basics&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117877217&sdata=CB0Ilk1qmlUN2AerKGjp5e%2BOj2EPWBUUMZtngC0sONs%3D&reserved=0 > [2] https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Finfra.apache.org%2Fopenpgp.html%23gnupg&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117887211&sdata=eQI3ZwO%2FCcVIai%2BIKIJWGQ8UX10zmKNEBuPBI4UfYz4%3D&reserved=0 > [3] https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Finfra.apache.org%2Frelease-signing.html%23keyserver-upload&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117887211&sdata=FDO0etbJVv1X71J9yVVf%2FaXwMAs6Q0JNri9f7Dk7v1U%3D&reserved=0 > > I don't think there is a keyserver there. I think you use the commands in > the header mentioned in [1] and manually copy your public key into that > file. I think that's what they mean by "append". > > HTH > -Alex > > > On 4/13/20, 8:37 AM, "Yishay Weiss" <[email protected]> wrote: > > How do I do that? > > Running > > gpg --keyserver > https://nam04.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdist.apache.org%2Frepos%2Fdist%2Frelease%2Froyale%2FKEYS&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117887211&sdata=VxwjYe9c7WkGW73k3mWqoniAXSo9QkNGt%2B3jMyXNEGc%3D&reserved=0 > --send-keys XXXX > > results in > > gpg: keyserver send failed: No data > > > > -- Andrew Wetmore https://nam04.safelinks.protection.outlook.com/?url=http%3A%2F%2Fcottage14.blogspot.com%2F&data=02%7C01%7Caharui%40adobe.com%7C7028ca35daf34a45252508d7dfcfda19%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C637223956117887211&sdata=nke5ZYVdS%2FQvuU3Hnqq4oSZVlLrfkhYBPLE93GfuJ7M%3D&reserved=0
