On Tue, 14 Jul 2026 at 18:38, Branko Čibej <[email protected]> wrote:

> On 14. 7. 2026 17:21, Ivan Zhakov wrote:
>
> On Tue, 14 Jul 2026 at 18:10, Branko Čibej <[email protected]> wrote:
>
>> On 14. 7. 2026 15:33, Ivan Zhakov wrote:
>>
>> On Tue, 14 Jul 2026 at 16:24, Branko Čibej <[email protected]> wrote:
>>
>>> On 13. 7. 2026 19:34, Ivan Zhakov wrote:
>>>
>>> On Mon, 13 Jul 2026 at 14:38, Evgeny Kotkov via dev <
>>> [email protected]> wrote:
>>>
>>>> The 1.15.0-rc3 release artifacts are now available for testing/signing.
>>>> Please get the tarballs from
>>>>   https://dist.apache.org/repos/dist/dev/subversion
>>>> and add your signatures there.
>>>>
>>>> Summary:
>>>
>>>   +1 to release.
>>>
>>> Platform:
>>>
>>>   Windows 11 Version 10.0.26200.8737 (x64)
>>>
>>> Tested:
>>>
>>>   [ fsfs ] x [ file | svn | http v2] x [x64]
>>>
>>> Results:
>>>
>>>   All Tests Pass.
>>>
>>> Dependencies:
>>>
>>>   - APR 1.7.6 (compiled with 1.7.6)
>>>   - APR-Util 1.6.3 (compiled with 1.6.3)
>>>   - Expat 2.8.2 (compiled with 2.8.2)
>>>   - SQLite 3.41.2 (static)
>>>   - Utf8proc 2.1.0 (compiled with 2.1.0)
>>>   - ZLib 1.3.2 (compiled with 1.3.2)
>>>   - LZ4 1.7.5 (compiled with 1.7.5)
>>>
>>> Build tools:
>>>
>>>   MSVC v14.29-16.11 + vcxproj
>>>
>>> --
>>> Ivan Zhakov
>>>
>>>
>>> Ivan, did you forget to sign the tarballs? I didn't find your signatures.
>>>
>>>
>> I didn't sign the tarballs yet. I need to recover my key or generate new
>> one. I am working on it :)
>>
>>
>> Ah, right, oops. To recover it, all you need is a working quantum
>> computer and a couple weeks' time.
>>
> Yup. Another option is just ask NSA for their copy ;)
>
>
>> Or a supercomputer and a couple decades. To generate a new one, you need
>> 10 minutes. Good luck! :D
>>
>> I decided to go this route. But it seems I need to wait 24h wait ASF will
> fetched updated key [1]:
>
> [1]: https://people.apache.org/keys/
>
>
>
> When I generated my new signing key, I just added it to KEYS myself. Added
> the fingerprint on id.apache.org but that's it. And I left my previous
> key in KEYS since I used it to sign older releases.
>
>
I have updated fingerprint on id.apache.org, but it took 24h to get KEYS
files updated. I see that my key file on https://people.apache.org/keys/ is
updated now.

>
I have added my signatures for the subversion-1.15.0-rc3.zip tarball. I am
not sure if I should add my signature for Unix tarballs because I only
checked Windows one.

-- 
Ivan Zhakov

Reply via email to