Am 09.08.2013 um 16:26 schrieb Marshall Schor <[email protected]>: > The UIMA KEYS file is missing your public signing key; please add it. Here > are > some instructions (freshly updated to reflect our new way of putting things on > the Apache distribution) on doing this from > http://uima.apache.org/one-time-release-setup.html > > Create (if you haven't already) your GPG keys; see Making GPG Keys. The UIMA > project KEYS file is stored in SVN in the trunk/uima-website/docs/KEYS file. > Please add your exported public key to the bottom of this file, and commit the > change. > > Also, checkout and update the KEYS file at the top level of our release > distribution, located at https://dist.apache.org/repos/dist/release/uima/KEYS.
Added key to KEYS. > This page has instructions for generating the lines to add to the KEYS file; > > https://www.apache.org/dev/release-signing.html#keys-policy > > The verification passes (after I downloaded your key from the MIT key server), > but says the signature is untrusted. It would be good to get your key into > the > web-of-trust as described in the above page, so it would become trusted (but > that's not strictly required). I suppose we should set up a small key-signing session at the UIMA@GSCL workshop in September ;) I'll see if I can find some colleagues that use GPG and who would sign my key. Cheers, -- Richard
