Hi Janne, Yup, I've verified it's on the public key server now.
On Dec 19, 2007, at 12:41 PM, Janne Jalkanen wrote:
Well, *now* it should be there.Unfortunately it's not signed by anyone right now. Gotta go to a keysigning party someday, unless someone is willing to do the pgp check based on a phone/skype call...
It's not really necessary for the key to be signed, since JSPWiki is still in incubation. So there's time to get to a key-signing party, or to arrange one on your own. ;-)
Signing someone's key is supposed to mean that you know the person in reality and not just in the ether-stream. Are there any other real people close enough to you to verify each other's identity and sign each other's keys? Are you planning on attending ApacheCon in Amsterdam next year?
Craig
/Janne On 19 Dec 2007, at 22:29, Janne Jalkanen wrote:I thought I did. Apparently I need to try it again... /Janne On 19 Dec 2007, at 22:24, Craig L Russell wrote:Hi Dave,The key must have been uploaded to a public key server. Then you need to import the key into your local key ring using the gpg command, e.g.[Bruiser:~/apache/foundation/board] clr% gpg --recv-keys 13BE2497 gpg: requesting key 13BE2497 from hkp server subkeys.pgp.net gpgkeys: key 13BE2497 not found on keyserver gpg: no valid OpenPGP data found. gpg: Total number processed: 0Apparently Janne's key has not been uploaded to a public key server (the servers, like DNS servers, talk to each other).So, Janne, you need to upload your key, e.g. (use your own key 13BE2497)[Bruiser:~/apache/foundation/board] clr% gpg --send-keys 65461B79 gpg: sending key 65461B79 to hkp server subkeys.pgp.net Craig On Dec 19, 2007, at 12:08 PM, Dave wrote:On Dec 16, 2007 3:44 PM, Janne Jalkanen <[EMAIL PROTECTED]> wrote:I think it's perhaps time-of-year for a lot of people that hasaffected this. I'll have a good part of this week to finally get around to somemore testing.I downloaded 2.6.0-rc1 and tested with Java 5, Tomcat 5.5.23 and theFCKEditor plugin (sweet!). Everything seems to be working fine. However, when I tried to verify the signature I got this:$ gpg --verify JSPWiki-2.6.0-rc1-bin.zip.asc JSPWiki-2.6.0-rc1- bin.zip gpg: Signature made Thu Dec 13 13:56:43 2007 EST using DSA key ID 13BE2497gpg: Can't check signature: public key not found Are there some docs on how to verify the release file? - DaveCraig RussellArchitect, Sun Java Enterprise System http://java.sun.com/ products/jdo408 276-5638 mailto:[EMAIL PROTECTED] P.S. A good JDO? O, Gasp!
Craig Russell Architect, Sun Java Enterprise System http://java.sun.com/products/jdo 408 276-5638 mailto:[EMAIL PROTECTED] P.S. A good JDO? O, Gasp!
smime.p7s
Description: S/MIME cryptographic signature
