Hi Siegfried, On 10.04.11 23:23, Siegfried Goeschl wrote: > +) when checking the signature I still get errors but maybe we get a > third opinion?
To make sure nothing happened on the way to the web server, I downloaded for example turbine-4.0-M1-binaries.tar.gz and turbine-4.0-M1-binaries.tar.gz.asc from turbine.apache.org. The result is: --8<-- gpg: ASCII-Hülle: Version: GnuPG v1.4.9 (Darwin) gpg: die unterzeichneten Daten sind wohl in 'turbine-4.0-M1-binaries.tar.gz' gpg: Unterschrift vom Di 5 Apr 21:54:30 2011 CEST mittels DSA-Schlüssel ID 88817402 gpg: verwende Vertrauensmodell PGP gpg: Korrekte Unterschrift von "Thomas Vandahl <[email protected]>" gpg: alias "Thomas Vandahl (Apache) <[email protected]>" gpg: alias "Dr. Thomas Vandahl <[email protected]>" gpg: Binäre Unterschrift, Hashmethode "SHA1" --8<-- Could you try a re-download? * Anyone else cares to verify the signatures? * I'm a bit concerned about this issue as I used the standard Maven-2 cycle to build, sign and deploy the files. It would be nasty if something went wrong on this way. Bye, Thomas. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
