Robert Rothenberg wrote:
On 05/07/2006 02:34 PM Ken Williams wrote:
I've just re-released Pod::Readme without a signature, because the
signature problems are choking up Module::Build users.
Module::Build doesn't do anything with signatures - all it knows how to
do is generate a signature file when building a distribution. I'd
suspect that the failures have more to do with the version of CPAN or
CPANPLUS users have. Or if it's M::B in some way I don't understand, do
you have any error output?
It's CPAN/CPANPLUS, but M::B users are installing P::R....
When I manually downloaded Pod-Readme-0.08 (which still included a
SIGNATURE file), I got this error message:
[Downloads] 523 $ cd Pod-Readme-0.08
[Pod-Readme-0.08] 524 $ cpansign -v
Executing gpg --verify --batch --no-tty
--keyserver=hkp://pgp.mit.edu:11371
--keyserver-options=auto-key-retrieve SIGNATURE
gpg: Signature made Mon May 1 12:34:59 2006 EDT using RSA key ID BB72D9C5
gpg: requesting key BB72D9C5 from hkp server pgp.mit.edu
gpgkeys: key C5A2D18FBB72D9C5 not found on keyserver
gpg: no valid OpenPGP data found.
gpg: Total number processed: 0
gpg: Can't check signature: public key not found
==> BAD/TAMPERED signature detected! <==
Which is a signing problem ... but not the same signing problem I just
reported in the case of Module-Build and PathTools.
jimk
