Re: [VOTE] Release Apache Curator version 5.3.0

tison Fri, 01 Jul 2022 03:27:39 -0700

Hi Jordan,

Thanks for reviewing the release candidate.


I read the doc and try to verify 5.2.1 release artifact and get:

apache-curator-5.2.1-source-release.zip
gpg: Signature made 一  3/14 16:07:11 2022 CST
gpg:                using RSA key BBE7232D7991050B54C8EA0ADC08637CA615D22C
gpg: Good signature from "Enrico Olivelli <[email protected]>" [unknown]
gpg: WARNING: This key is not certified with a trusted signature!
gpg:          There is no indication that the signature belongs to the
owner.
Primary key fingerprint: BBE7 232D 7991 050B 54C8  EA0A DC08 637C A615 D22C

It also has the warning printed. Did I miss something to import?

BTW, I may not have opportunity to attend an offline Apache meetup in this
month, which seems the only approach to join the WoT.

Best,
tison.


Jordan Zimmerman <[email protected]> 于2022年7月1日周五 17:53写道：

> Hi,
>
> Zili - your PGP key isn't in the WOT. That should be done before I make my
> vote. Apache has docs on this here:
> https://infra.apache.org/release-signing.html#web-of-trust <
> https://infra.apache.org/release-signing.html#web-of-trust>
>
> i.e. when I verify the hashes I get:
>
> gpg: Signature made Thu Jun 30 17:54:38 2022 WEST
> gpg:                using RSA key 8B374472FAD328E17F479863B379691FC6E298DD
> gpg: Good signature from "Zili Chen (CODE SIGNING KEY) <[email protected]>"
> [unknown]
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: 8B37 4472 FAD3 28E1 7F47  9863 B379 691F C6E2 98DD
>
> -Jordan
>
> > On Jun 30, 2022, at 6:21 PM, tison <[email protected]> wrote:
> >
> > Hello,
> >
> > This is the vote for Apache Curator version 5.3.0
> >
> > *** Please download, test and vote within approx. 72 hours
> >
> > Note that we are voting upon the source (tag) and binaries are provided
> for
> > convenience.
> >
> > Link to release notes:
> >
> https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12314425&version=12351883
> >
> > Staging repo:
> > https://dist.apache.org/repos/dist/dev/curator/5.3.0/
> >
> > Binary artifacts:
> > https://repository.apache.org/content/repositories/orgapachecurator-1053
> >
> > The tag to be voted upon:
> > https://github.com/apache/curator/releases/tag/apache-curator-5.3.0
> >
> > Curator's KEYS file containing PGP keys we use to sign the release:
> > https://www.apache.org/dist/curator/KEYS
> >
> > [ ] +1  approve
> > [ ] +0  no opinion
> > [ ] -1  disapprove (and reason why)
> >
> > Best,
> > tison.
>
>

Re: [VOTE] Release Apache Curator version 5.3.0

Reply via email to