So I just went thru the process to publish our devicedata 1.0.1 release to
apache's nexus repo and I think it was successful. I will check later today and
see if its officially public...! :)
---
From: Reza <[email protected]>
To: "[email protected]" <[email protected]>
Sent: Wednesday, October 15, 2014 10:45 AM
Subject: Re: key signing issue for releasing devicemap-data
Looks like my previous key was signing and encryption, which added a subkey.
Ok, let me try this again :)
From: Bertrand Delacretaz <[email protected]>
To: "[email protected]" <[email protected]>
Sent: Wednesday, October 15, 2014 4:30 AM
Subject: Re: key signing issue for releasing devicemap-data
Hi,
On Tue, Oct 14, 2014 at 8:08 PM, Reza <[email protected]> wrote:
> ...I believe I need to make a code signing key with no subkey. I noticed that
> a few of
> your guys have keys specifically listed as code signing only. I cannot seem
> to find the
> instructions for creating a code signing only key (with no subkeys)...?
I do not use subkeys, created my key [1] at the command line without
special options (probably following the instructions at [2]) and
didn't have problems with it.
Note that https://issues.sonatype.org/browse/OSSRH-1525 suggests using
GPG keychain access to delete the subkeys if they are unwanted - I
don't know how that works but that might help.
-Bertrand
[1] http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x77B6B69A9E4DCC6B
[2] https://www.gnupg.org/gph/en/manual/c14.html
