OK worked this time grabbing tika.asc. Used it to validate GPG and looks good. Should probably either remove the KEYS file and simply point to [1] though.
Cheers and +1 from me! Cheers, Chris [1] https://people.apache.org/keys/group/tika.asc [chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% curl -O https://people.apache.org/keys/group/tika.asc % Total % Received % Xferd Average Speed Time Time Time Current Dload Upload Total Spent Left Speed 100 133k 100 133k 0 0 55054 0 0:00:02 0:00:02 --:--:-- 58432 [chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% gpg --import < tika.asc gpg: key B876884A: "Chris Mattmann (CODE SIGNING KEY) <mattm...@apache.org>" not changed gpg: key A355A63E: "Jukka Zitting <ju...@apache.org>" 7 new signatures gpg: key 8A26D9A6: public key "Jukka Zitting <jukka.zitt...@gmail.com>" imported gpg: key 42CFAE07: public key "Jukka Zitting (CODE SIGNING KEY) <jzitt...@adobe.com>" imported gpg: key 0EB30B07: public key "David Meikle (CODE SIGNING KEY) <dmei...@apache.org>" imported gpg: key D84E41AE: public key "Nick Burch <n...@gagravarr.org>" imported gpg: key E7AC2BA5: public key "Oleg Tikhonov <o...@apache.org>" imported gpg: key 6E68DA61: public key "Michael McCandless (CODE SIGNING KEY) <mikemcc...@apache.org>" imported gpg: key 95D21F2E: public key "Ray Gauss II (CODE SIGNING KEY) <rga...@rgauss.com>" imported gpg: key DEDEAB92: public key "Sergey Beryozkin (Release Management) <sberyoz...@gmail.com>" imported gpg: key 97EDDE66: public key "tallison (apache_distro_keys) <talli...@apache.org>" imported gpg: Total number processed: 11 gpg: imported: 9 (RSA: 6) gpg: unchanged: 1 gpg: new signatures: 7 gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 3 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 3u gpg: next trustdb check due at 2015-08-18 [chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% $HOME/bin/verify_gpg_sigs Verifying Signature for file tika-1.5-src.zip.asc gpg: Signature made Tue Feb 4 20:34:06 2014 EST using RSA key ID 0EB30B07 gpg: Good signature from "David Meikle (CODE SIGNING KEY) <dmei...@apache.org>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: F3F2 3C1E DB33 8077 254E DEEC 5241 4B0B 0EB3 0B07 [chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% -----Original Message----- From: Chris Mattmann <mattm...@apache.org> Reply-To: "dev@tika.apache.org" <dev@tika.apache.org> Date: Tuesday, February 4, 2014 10:48 PM To: "dev@tika.apache.org" <dev@tika.apache.org> Cc: "u...@tika.apache.org" <u...@tika.apache.org> Subject: Re: [VOTE] Apache Tika 1.5 RC1 >Hi Dave, > >You ROCK! > >I cannot verify the SIGS though: > >[chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% $HOME/bin/stage_apache_rc >tika 1.5-src http://people.apache.org/~dmeikle/tika-1.5-rc1/ > % Total % Received % Xferd Average Speed Time Time Time >Current > Dload Upload Total Spent Left >Speed >100 41.3M 100 41.3M 0 0 450k 0 0:01:33 0:01:33 --:--:-- >609k > % Total % Received % Xferd Average Speed Time Time Time >Current > Dload Upload Total Spent Left >Speed >100 819 100 819 0 0 3854 0 --:--:-- --:--:-- --:--:-- >7247 > % Total % Received % Xferd Average Speed Time Time Time >Current > Dload Upload Total Spent Left >Speed >100 33 100 33 0 0 147 0 --:--:-- --:--:-- --:--:-- >300 >[chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% $HOME/bin/verify_gpg_sigs >Verifying Signature for file tika-1.5-src.zip.asc >gpg: Signature made Tue Feb 4 20:34:06 2014 EST using RSA key ID 0EB30B07 >gpg: Can't check signature: No public key >[chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% curl -O >http://people.apache.org/~dmeikle/tika-1.5-rc1/KEYS > % Total % Received % Xferd Average Speed Time Time Time >Current > Dload Upload Total Spent Left >Speed >100 9258 100 9258 0 0 3801 0 0:00:02 0:00:02 --:--:-- >4638 >[chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% gpg --import < KEYS >gpg: key A355A63E: "Jukka Zitting <ju...@apache.org>" not changed >gpg: key B876884A: "Chris Mattmann (CODE SIGNING KEY) ><mattm...@apache.org>" not changed >gpg: key 9740DD55: "David Meikle (CODE SIGNING KEY) <dmei...@apache.org>" >not changed >gpg: Total number processed: 3 >gpg: unchanged: 3 >[chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% $HOME/bin/verify_gpg_sigs >Verifying Signature for file tika-1.5-src.zip.asc >gpg: Signature made Tue Feb 4 20:34:06 2014 EST using RSA key ID 0EB30B07 >gpg: Can't check signature: No public key >[chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% >$HOME/bin/verify_md5_checksums >md5sum: stat '*.tar.gz': No such file or directory >md5sum: stat '*.bz2': No such file or directory >md5sum: stat '*.tgz': No such file or directory >tika-1.5-src.zip: OK >[chipotle:~/tmp/apache-tika-1.5-rc1] mattmann% > > >Checksums check out. > >Can you scope the SIGS problem? > >Cheers, >Chris > > > >-----Original Message----- >From: David Meikle <loo...@gmail.com> >Reply-To: "dev@tika.apache.org" <dev@tika.apache.org> >Date: Tuesday, February 4, 2014 5:59 PM >To: "dev@tika.apache.org" <dev@tika.apache.org> >Cc: "u...@tika.apache.org" <u...@tika.apache.org> >Subject: [VOTE] Apache Tika 1.5 RC1 > >>Hi Guys, >> >>A candidate for the Tika 1.5 release is now available at: >>http://people.apache.org/~dmeikle/tika-1.5-rc1/ >> >>The release candidate is a zip archive of the sources in: >>http://svn.apache.org/repos/asf/tika/tags/1.5-rc1/ >> >>The SHA1 checksum of the archive is: >>66adb7e73058da73a055a823bd61af48129c1179 >> >>A staged M2 repository can also be found on repository.apache.org here: >>https://repository.apache.org/content/repositories/orgapachetika-1000 >> >>Please vote on releasing this package as Apache Tika 1.5. >>The vote is open for the next 72 hours and passes if a majority of at >>least three +1 Tika PMC votes are cast. >> >> [ ] +1 Release this package as Apache Tika 1.5 >> [ ] -1 Do not release this package because... >> >>Here is my +1 for the release. >> >>Cheers, >>Dave > >
