On Sun, Aug 25, 2013 at 05:31:35PM -0400, Rob Weir wrote: > > I wanted to verify the > > Apache_OpenOffice_4.0.0_Linux_x86-64_install-rpm_en-US.tar.gz.asc > > against my download. I downloaded the KEYS using: wget > > http://www.apache.org/dist/openoffice/KEYS Then I imported the keys. > > > > But when I ran gpg --verify it said: > > > > $ gpg --verify > > Apache_OpenOffice_4.0.0_Linux_x86-64_install-rpm_en-US.tar.gz.asc > > gpg: Signature made Tue 16 Jul 2013 05:39:05 PM CDT using RSA > > key ID B8E50356 gpg: Can't check signature: No public key > > > > The Key ID B8E50356 is not in the set I downloaded from your KEYS > > file. Why is it not in there?? > > > > Hi Ariel, is B8E50356 your key?
Yes, it is a bug that my key is not in http://www.apache.org/dist/openoffice/KEYS This file should be a copy of https://people.apache.org/keys/group/openoffice.asc or https://people.apache.org/keys/group/openoffice-pmc.asc (in case only PMC members are supposed to sign artifacts). @OP: please import the keys from https://people.apache.org/keys/group/openoffice-pmc.asc > > Allen -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 > > (GNU/Linux) > > > > iQEcBAEBAgAGBQJSGABoAAoJEK3AFbtYOknnVI0IALxbJlIW58Ll3R8aryWQXX4k > > GJ1+Gh5cWFDYvFq9Cetz86vnxDuCaiVMxEOwnRc+PtBQHWHpzRuSKTG16fOs/5JD > > SGykhVkgdkRodpiuQKE8n/kV8+/aEaa+9WpxVdn+eqhTsi3nc570JQbOaw0sCOrY > > Nrdwm5Urm7w6wcP240g5UD4pjfXqAieEEe/0FdJQepikt7VFlRjsvRYVekSDHkUL > > t5XgL3LQAaTt47vMM9EyPMxK2RfIG2dXUQ54phtgFs9CUt2yqVF4s8mA2Ha+moPu > > rc2mS4vrKeswCO6ywyfDtaQnbaZrLxPG0y9Ql0hcUv5CEHE0eRxnJgkkTYzVUaI= > > =0QtH -----END PGP SIGNATURE----- I suggest you configure Enigmail in Thunderbird to sign using PGP/MIME instead of the old-fashioned inline-PGP, in Thunderbird's Account Settings go to OpenPGP Options and enable "Use PGP/MIME by default", as explained here http://www.rainydayz.org/content/81-account-settings Regards -- Ariel Constenla-Haile La Plata, Argentina
pgpsOFdCDebXH.pgp
Description: PGP signature
