On 8/9/2013 11:39 AM, Richard Eckart de Castilho wrote:
> Am 09.08.2013 um 16:26 schrieb Marshall Schor <[email protected]>:
>
>> The UIMA KEYS file is missing your public signing key; please add it. Here
>> are
>> some instructions (freshly updated to reflect our new way of putting things
>> on
>> the Apache distribution) on doing this from
>> http://uima.apache.org/one-time-release-setup.html
>>
>> Create (if you haven't already) your GPG keys; see Making GPG Keys. The UIMA
>> project KEYS file is stored in SVN in the trunk/uima-website/docs/KEYS file.
>> Please add your exported public key to the bottom of this file, and commit
>> the
>> change.
>>
>> Also, checkout and update the KEYS file at the top level of our release
>> distribution, located at
>> https://dist.apache.org/repos/dist/release/uima/KEYS.
> Added key to KEYS.
>
>> This page has instructions for generating the lines to add to the KEYS file;
>>
>> https://www.apache.org/dev/release-signing.html#keys-policy
>>
>> The verification passes (after I downloaded your key from the MIT key
>> server),
>> but says the signature is untrusted. It would be good to get your key into
>> the
>> web-of-trust as described in the above page, so it would become trusted (but
>> that's not strictly required).
> I suppose we should set up a small key-signing session at the UIMA@GSCL
> workshop in September ;) I'll see if I can find some colleagues that use GPG
> and who would sign my key.
:-) -Marshall
> Cheers,
>
> -- Richard
