DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUGĀ· RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT <http://issues.apache.org/bugzilla/show_bug.cgi?id=40789>. ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED ANDĀ· INSERTED IN THE BUG DATABASE.
http://issues.apache.org/bugzilla/show_bug.cgi?id=40789 Summary: Key for signature on 5.5.20 tar.gz missing from KEYS file Product: Tomcat 5 Version: 5.5.20 Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: Unknown AssignedTo: tomcat-dev@jakarta.apache.org ReportedBy: [EMAIL PROTECTED] The web page at: http://tomcat.apache.org/download-55.cgi says, "We provide PGP signatures for every release file. This signature should be matched against the KEYS file which contains the PGP keys of Tomcat's Release Managers." However, the key used to sign the tar.gz core distribution for 5.5.20 is not in the KEYS.htm file available at http://www.apache.org/dist/tomcat/tomcat-5/KEYS. Running gpg --verify on the .asc file downloaded from http://www.apache.org/dist/tomcat/tomcat-5/v5.5.20/bin/apache-tomcat-5.5.20.tar.gz.asc (for file http://apache.edgescape.com/tomcat/tomcat-5/v5.5.20/bin/apache-tomcat-5.5.20.tar.gz) shows that the key ID is D7B65864. A grep for D7B65864 on the KEYS file shows it isn't there. -- Configure bugmail: http://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]