On 12/26/06, Rahul Akolkar <[EMAIL PROTECTED]> wrote:
On 12/26/06, Rahul Akolkar <[EMAIL PROTECTED]> wrote: <snip/> > > Back on track, will sign the pom, and will ask this list to verify it > before copying over. (BTW, is there a way to get m2 to sign?) > <snap/> Done, I've added my signature to the master pom v2 in the staging repo. My key is here [1] amongst other places (I intend to add a generic UID before 1.0.4). Please verify the sig (and m2 sums). TIA.
The md5 and sha1 checksums are fine. When I try to verify the signature, though: gpg --verify shale-master-2.pom.asc shale-master-2.pom I get the "Can't check signature: public key not found" error. I see that your key is available (at least) on the MIT keyserver ... what's the magic incantation for using such a key (without adding it to my web of trust yet ... we should probably start doing key exchanges at events like ApacheCons)? -Rahul Craig [1] http://people.apache.org/~rahul/rahul.asc
> -Rahul > >