Hi Folks - just starting down the path of using Maven and am unable to verify the signature for the binary tar.gz archive:
gpg --verify apache-maven-3.3.9-bin.tar.gz.asc apache-maven-3.3.9-bin.tar.gz.asc gpg: Signature made Tue 10 Nov 2015 10:44:20 AM CST using DSA key ID BB617866 gpg: BAD signature from "Sarel Jason van Zyl <[email protected]>" (after having imported the KEYS file cited on the main page). I assume all is well, but want to confirm and/or find a way to verify signature. Thanks Steve Vejcik Sr. Consultant, Innovative Solutions Group P: 312-985-2432 [cid:[email protected]] 555 W Adams Street, 8th Floor Chicago IL 60661 transunion.com<http://www.transunion.com/> This email including, without limitation, the attachments, if any, accompanying this email, may contain information which is confidential or privileged and exempt from disclosure under applicable law. The information is for the use of the intended recipient. If you are not the intended recipient, be aware that any disclosure, copying, distribution, review or use of the contents of this email, and/or its attachments, is without authorization and is prohibited. If you have received this email in error, please notify us by reply email immediately and destroy all copies of this email and its attachments.
