Did the KEYS file get updated? Thanks, Jason
On Tue, Jun 2, 2009 at 10:59 AM, Sean Mullan <sean.mul...@sun.com> wrote: > I signed it for the first time with my key but I thought I had updated the > KEYS file. I'll look into this and get back to you. > > --Sean > > > jason marshall wrote: > > As a datapoint, using the same process I am able to verify the 1.4.1 > signature. Did the signing key get swapped out at some point without > updating the KEYS file? > > Thanks, > Jason > > On Mon, Jun 1, 2009 at 2:16 PM, jason marshall <jdmarsh...@gmail.com>wrote: > >> My coworker tried to upgrade to XML Sec 1.4.2 and discovered that she >> couldn't verify the ASC signature against the binaries. It appears that a >> new key is being used for signing, but didn't get added to the keyring? >> >> I was able to repro the same failure. Anybody else? >> >> ~> gpg --verbose --verify xml-security-bin-1_4_2.zip.asc >> gpg: armor header: Version: GnuPG v2.0.9 (SunOS) >> gpg: assuming signed data in `xml-security-bin-1_4_2.zip' >> gpg: Signature made Mon 23 Jun 2008 01:09:20 PM PDT using DSA key ID >> A74A32FC >> gpg: Can't check signature: public key not found >> >> >> Thanks, >> Jason >> >> > > > -- > - Jason > > > -- - Jason
