[
https://issues.apache.org/jira/browse/ZOOKEEPER-4470?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17498489#comment-17498489
]
Enrico Olivelli commented on ZOOKEEPER-4470:
--------------------------------------------
Does it work of you append your new key instead of overriding it?
Having it signed by someone near you like Andor or Mate would help the chain of
trust probably
> Keys for validating downloads of apache-zookeeper-3.5.9 have expired
> --------------------------------------------------------------------
>
> Key: ZOOKEEPER-4470
> URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4470
> Project: ZooKeeper
> Issue Type: Bug
> Components: build
> Affects Versions: 3.5.9, 3.6.2
> Environment: Not environment specific
> Reporter: Kevin Beck
> Priority: Blocker
>
> Downloads cannot be verified because the PGP keys on the download site have
> expired.
> Keys are located here:
> [https://downloads.apache.org/zookeeper/KEYS]
>
> kbeck@KBECK-C02CF67PMD6R Downloads % gpg --verify
> apache-zookeeper-3.5.9-bin.tar.gz.asc apache-zookeeper-3.5.9-bin.tar.gz
> gpg: Signature made Wed Jan 6 11:55:29 2021 PST
> gpg: using RSA key 3D296268A36FACA1B7EAF110792D43153B5B5147
> gpg: Good signature from "Norbert Kalmar <[email protected]>" [expired]
> gpg: Note: This key has expired!
> Primary key fingerprint: 3D29 6268 A36F ACA1 B7EA F110 792D 4315 3B5B 5147
> kbeck@KBECK-C02CF67PMD6R Downloads %
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
