+1 I have tested the binary and src distributions on windows XP and all looks well.
We should make sure the keys are correct first though. Cheers, Edell. -----Original Message----- From: Mosur Ravi, Balaji Sent: 28 September 2006 13:03 To: yoko-dev@incubator.apache.org Subject: RE: [VOTE] Publish Yoko M1 release Hi lars, The keys are not in the keyserver yet, so try to follow the steps in: http://www.apache.org/dev/release-signing.html You might have to first do an import & then verify... gpg --import KEYS gpg --verify foo-1.0.tar.gz.asc foo-1.0.tar.gz Let me know if this works... - Balaji -----Original Message----- From: Lars Kühne [mailto:[EMAIL PROTECTED] Sent: Thursday, September 28, 2006 1:00 AM To: yoko-dev@incubator.apache.org Subject: Re: [VOTE] Publish Yoko M1 release Mosur Ravi, Balaji wrote: > Please vote to publish the Milestone 1 release distributions. Please > take some time to download the distributions, review them and test > them in your environment before voting. > > Is anyone able to verify the signature? I'm a beginner with PGP, so the problem may very well be on my end. I followed the instructions on http://httpd.apache.org/dev/verification.html ~/downloads> gpg yoko-1.0-incubating-M1-SNAPSHOT-bin.tar.gz.asc gpg: Signature made Wed 20 Sep 2006 03:09:10 PM CEST using RSA key ID 03FE48F6 gpg: Can't check signature: public key not found ~/downloads> gpg < $YOKO/trunk/KEYS pub 512R/BA5A3775 2006-08-10 bravi <[EMAIL PROTECTED]> ~/downloads> gpg yoko-1.0-incubating-M1-SNAPSHOT-bin.tar.gz.asc gpg: Signature made Wed 20 Sep 2006 03:09:10 PM CEST using RSA key ID 03FE48F6 gpg: Can't check signature: public key not found The key used to sign the code is also not available via pgpkeys.mit.edu (see KEYS file in trunk). ~/downloads> gpg --keyserver pgpkeys.mit.edu --recv-key 03FE48F6 gpgkeys: WARNING: this is an *experimental* HKP interface! gpgkeys: key 03FE48F6 not found on keyserver gpg: no valid OpenPGP data found. Maybe the problem is that the ID used (03FE48F6) is different from the key id in the keys file (BA5A3775)? Other than that I've only found some minor flaws: * the example code uses a yoko BootManager. There should be a comment in the code that this is only to minimize the required infrastructure for the example and typically clients find their servers in an implementation independent way like CosNaming. * the XMLSchema section of the NOTICE file contains capitalization errors, lowercase "apache software foundation") I don't think any of those should prevent a release. -1 until someone can verify the file signatures, +1 after that. /Lars
