My coworker tried to upgrade to XML Sec 1.4.2 and discovered that she couldn't verify the ASC signature against the binaries. It appears that a new key is being used for signing, but didn't get added to the keyring?
I was able to repro the same failure. Anybody else? ~> gpg --verbose --verify xml-security-bin-1_4_2.zip.asc gpg: armor header: Version: GnuPG v2.0.9 (SunOS) gpg: assuming signed data in `xml-security-bin-1_4_2.zip' gpg: Signature made Mon 23 Jun 2008 01:09:20 PM PDT using DSA key ID A74A32FC gpg: Can't check signature: public key not found Thanks, Jason
