-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Marshall,
Marshall Schor wrote: > Thilo Goetz wrote: >> Ok, here we go. This build passes our regression test >> suite, as well as Adam's test scripts. Michael and I >> also ran some manual sanity checks. RAT report looks >> good, too. >> >> The release artifacts are available on people.a.o at >> /home/twgoetz/uima-distributions/2.2/RC5 >> >> So please cast your vote: >> >> [ ] +1 Release RC5, it's ready >> [ ] -1 Don't release yet, I found issues >> >> > +1. I verified the asc signatures for the windows zips (bin and src). > Would > it make sense for Michael and Thilo to "cross-sign" each other's keys? > that might make the gpg result messages more convincing. Right now they > say > > gpg: Signature made 08/06/07 02:16:25 using DSA key ID C874155C > gpg: Good signature from "Thilo Goetz (CODE SIGNING KEY) > <[EMAIL PROTECTED]>" > gpg: WARNING: This key is not certified with a trusted signature! > gpg: There is no indication that the signature belongs to the > owner. > > Maybe that would reduce the warning? If you do figure out how to do the > cross signing, please post something to the web site and we'll do it > here, too. > :-) > > -Marshall this indicates that you don't trust the authenticity of this key, and nobody in your web of trust does. You can decide to trust this key (meaning that you believe that it is really my key). A short description of how to do this is here: http://www.linuxpackages.net/howto.php?page=pgpsig&title=PGP+Files+Packages - --Thilo -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFGuI7gVCINLMh0FVwRAmsuAKCgniAZY6R3efHfZbO17PgdDL/OMwCfa8Rs S5oPr1rbWNqA6fgW2LyLbcw= =68PO -----END PGP SIGNATURE-----
