I cannot validate the ASC file, this must be fixed: gpg --verify xalan-j_2_7_3-src.zip.asc gpg: assuming signed data in 'xalan-j_2_7_3-src.zip' gpg: Signature made 15-Oct-22 09:19:16 PM Eastern Daylight Time gpg: using RSA key 4D8FB572FB6ADCFD69CBFE0D7B2586A6B5E25C3D gpg: Can't check signature: No public key
When I look in the Xalan KEYS file, I do not see any entries that look like you: gpg --import KEYS-xalan.txt gpg: key 32EC175930A21D55: 9 signatures not checked due to missing keys gpg: key 32EC175930A21D55: public key "Shane Curcuru <curc...@apache.org>" imported gpg: key 19B9C18B6442C3DC: public key "Lotusxsl Team <lotusxsl_t...@lotus.com>" imported gpg: key 4243DB39C1A25EE6: public key "Scott Boag <scott_b...@lotus.com>" imported gpg: key DECE22B6C1C57D2F: public key "Myriam Midy <myriam_m...@lotus.com>" imported gpg: key B2CDEDACBEE860DE: public key "Joseph Kesselman <joseph_kessel...@lotus.com>" imported gpg: key 4CD3752B1AFFC3FE: public key "Joseph Kesselman <jkess...@apache.org>" imported gpg: key 9586DDC11AAC221B: public key "Joseph Kesselman <joseph_kessel...@lotus.com>" imported gpg: key 0CBFC7805040E0E4: public key "Sarah McNamara <mcnam...@ca.ibm.com>" imported gpg: Note: third-party key signatures using the SHA1 algorithm are rejected gpg: (use option "--allow-weak-key-signatures" to override) gpg: key 0687164E5E14E1D2: 2 bad signatures gpg: key 0687164E5E14E1D2: public key "Ilene Seelemann <il...@ca.ibm.com>" imported gpg: key AB6F4EA955DEED55: public key "Henry Zongaro <zong...@ca.ibm.com>" imported gpg: key 49017F3C3B47DEFD: public key "Brian James Minchau <minc...@ca.ibm.com>" imported gpg: key B5C693D25D9C0094: public key "Brian James Minchau (IBM Toronto Lab) <minc...@ca.ibm.com>" imported gpg: key 49017F3C3B47DEFD: "Brian James Minchau <minc...@ca.ibm.com>" not changed gpg: key 86FDC7E2A11262CB: "Gary David Gregory (Code signing key) <ggreg...@apache.org>" not changed gpg: Total number processed: 14 gpg: imported: 12 gpg: unchanged: 2 gpg: marginals needed: 3 completes needed: 1 trust model: pgp gpg: depth: 0 valid: 2 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 2u TY for your patience ;-) Gary On 2022/10/27 11:19:47 Gary Gregory wrote: > I will review Saturday morning. Thank you for the reminder. > > Gary > > On Thu, Oct 27, 2022, 04:09 Mukul Gandhi <muk...@apache.org> wrote: > > > Hi Gary, > > I'm just curious that, did you get chance to review the XalanJ 2.7.3 > > RC5. > > > > > On Sun, Oct 16, 2022 at 7:08 AM Mukul Gandhi <muk...@apache.org> wrote: > > > > > During my previous mail, I had mistakenly created a tag with name > > > xalan-j_2_7_2-rc5. I believe, that name should have actually been > > > xalan-j_2_7_3-rc5. Therefore, I've deleted the tag xalan-j_2_7_2-rc5, > > > and created a new one xalan-j_2_7_3-rc5, from the same XalanJ branch > > > codebase state. I think that, this should be ok. The other details, > > > remain the same, for the review request of XalanJ 2.7.3 RC5. > > > > > > -- > > Regards, > > Mukul Gandhi > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: private-unsubscr...@xalan.apache.org > > For additional commands, e-mail: private-h...@xalan.apache.org > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@xalan.apache.org For additional commands, e-mail: dev-h...@xalan.apache.org
