Has anyone been able to verify the signature on the rc4 package? I'm a gpg novice, but from what I can tell the keyId of the key used to sign the package doesn't match the key id of Dave's key I obtained from /roller/KEYS.
Is this my problem or not? --a. ------------- % gpg --verify apache-roller-2.3-rc4-incubating.tar.gz.asc.txt apache-roller-2.3-rc4-incubating.tar.gz gpg: Signature made Wed 24 May 2006 05:44:22 PM PDT using DSA key ID 17AA5B25 gpg: Can't check signature: public key not found Here's the info on the sole key I got from /roller/KEYS in the repository. % gpg --list-keys "David" pub 1024D/456DFEA9 2006-05-17 David M. Johnson (Dave Johnson) <[EMAIL PROTECTED]> sub 2048g/07AE9419 2006-05-17
