Re: [VOTE] Apache OODT 1.1 Release Candidate #2

Sun, 23 Jul 2017 17:34:08 -0700 

That did the trick.

I'll be +1 if you also update the KEYS file.

Transcript:

fatalii 298 % date -u
Mon Jul 24 00:32:49 UTC 2017
fatalii 299 % gpg --verify apache-oodt-1.1-src.zip.asc
gpg: Signature made Wed Jul 19 13:57:50 2017 CDT using RSA key ID 0C1E654B
gpg: Good signature from "Chris Mattmann (CODE SIGNING KEY - Apr 2016) <mattm...@apache.org>" 
gpg: WARNING: This key is not certified with a trusted signature!
gpg: There is no indication that the signature belongs to the owner. 
Primary key fingerprint: F434 C970 B95A 6FCA 6FB9  0C45 4EAA F8B6 0C1E 654B


--k


Chris Mattmann wrote:

Hey Sean I think I have a new key on my Mac – can you check? I just submitted 
the new
key to MIT keyserver, can you re-verify and see if that fixes it?

Cheers,
Chris




On 7/23/17, 5:06 PM, "Sean Kelly"<ke...@apache.org>  wrote:

     Hi folks:

     I realize it's already 72 hours and we have the requisite 3 +1 votes,
     but I'm definitely in the -1 camp if this release was signed with the
     wrong key.

     I hope it's just user error on my end.

     Take care
     --k

     >  *From:* Sean Kelly<ke...@apache.org>
     >  *Date:* 2017-07-22 at 12.54 p
     >  *To:* dev@oodt.apache.org
     >  *Subject:* [VOTE] Apache OODT 1.1 Release Candidate #2
     >  Did anyone check the signature?
     >
     >  I'm getting an unknown RSA key 0C1E654B:
     >
     >  fatalii 278 % date -u
     >  Sat Jul 22 17:53:42 UTC 2017
     >  fatalii 279 % gpg --verify apache-oodt-1.1-src.zip.asc
     >  gpg: Signature made Wed Jul 19 13:57:50 2017 CDT using RSA key ID 
0C1E654B
     >  gpg: Can't check signature: No public key
     >
     >  --k
     >
     >  *From:* Chris Mattmann<mattm...@apache.org>
     >  *Date:* 2017-07-19 at 2.01 p
     >  *To:* dev@oodt.apache.org
     >  *Subject:* [VOTE] Apache OODT 1.1 Release Candidate #2
     >  Hi Folks,
     >
     >  I have posted a 2nd release candidate for the Apache OODT 1.1 release. 
The
     >  source code is at:
     >
     >  https://dist.apache.org/repos/dist/dev/oodt/
     >
     >  For more detailed information, see the included CHANGES.txt file for 
details on
     >  release contents and latest changes. The release was made using the OODT
     >  release process, documented on the Wiki here:
     >
     >  https://cwiki.apache.org/confluence/display/OODT/Release+Process
     >
     >  The release was made from the OODT 1.1 tag at:
     >
     >  https://github.com/apache/oodt/tree/1.1/
     >
     >  A staged Maven repository is available at:
     >
     >  https://repository.apache.org/content/repositories/orgapacheoodt-1013/
     >
     >  Please vote on releasing these packages as Apache OODT 1.1. The vote is
     >  open for at least the next 72 hours.
     >
     >  Only votes from OODT PMC are binding, but folks are welcome to check the
     >  release candidate and voice their approval or disapproval. The vote 
passes
     >  if at least three binding +1 votes are cast.
     >
     >  [ ] +1 Release the packages as Apache OODT 1.1
     >
     >  [ ] -1 Do not release the packages because...
     >
     >  Thanks!
     >
     >  Chris Mattmann
     >
     >  P.S. Here is my +1.
     >
     >
     >

Reply via email to