Home | About | Sematext search-lucene.com search-hadoop.com
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB
 Search Hadoop and all its subprojects:

Switch to Threaded View
HBase >> mail # dev >> ANN:0.90.6  RC5 available for download


Copy link to this message
-
Re: ANN:0.90.6 RC5 available for download
You probably want to do:
gpg --keyserver pgp.mit.edu --recv-keys 30CD0996

That wlil update Stack's keys and its signatures from the central
repo. Though you still won't have a "web of trust" unless you have
also signed a bunch of keys, I don't think. But I've signed Owen's key
3D0C92B9, and Owen has signed Stack's key 30CD0996, so I can verify
that signature.

-Todd

On Wed, Mar 14, 2012 at 10:49 AM, Jonathan Hsieh <[EMAIL PROTECTED]> wrote:
> Sorry about my ignorance about this -- I'm new to the gpg tools. I missed
> stack's key when I checked in the asc file.  I just ran thought the steps I
> could gather and  here's what I get.  I'm not completely sure but I believe
> there is still something not quite right with this (same WARNING on stack's
> and ram's signature).
>
> Am I doing something wrong? (or just worrying too much..)
>
> ----
> [jon@c0309 dist]$ curl
> http://svn.apache.org/viewvc/hbase/dist/KEYS?view=co> KEYS
> [jon@c0309 dist]$ gpg --import KEYS
> gpg: key 30CD0996: public key "Michael Stack <[EMAIL PROTECTED]>" imported
> gpg: key 945D66AF: public key "Jean-Daniel Cryans (ASF key) <
> [EMAIL PROTECTED]>" imported
> gpg: key D34B98D6: public key "Michael Stack <[EMAIL PROTECTED]>" imported
> gpg: key AEC77EAF: public key "Todd Lipcon <[EMAIL PROTECTED]>" imported
> gpg: Total number processed: 4
> gpg:               imported: 4  (RSA: 2)
> [jon@c0309 dist]$ gpg --verify hbase-0.90.6.tar.gz.asc.1
> hbase-0.90.6-rc5.tar.gz
> gpg: Signature made Fri 02 Mar 2012 10:40:13 AM PST using RSA key ID
> 30CD0996
> gpg: Good signature from "Michael Stack <[EMAIL PROTECTED]>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: 686E 5EDF 04A4 8305 5416  0910 DF0F 5BBC 30CD 0996
> gpg: Signature made Fri 02 Mar 2012 09:40:28 AM PST using RSA key ID
> 867B57B8
> gpg: Good signature from "Ramkrishna S Vasudevan (for code checkin) <
> [EMAIL PROTECTED]>"
> gpg: WARNING: This key is not certified with a trusted signature!
> gpg:          There is no indication that the signature belongs to the
> owner.
> Primary key fingerprint: 7405 BB74 016B E7D0 7B25  15E3 A1AB D56E 867B 57B8
> [jon@c0309 dist]$
> [jon@c0309 dist]$  # this is stack's
> [jon@c0309 dist]$ gpg --fingerprint 30cd0996
> pub   2048R/30CD0996 2010-05-03
>      Key fingerprint = 686E 5EDF 04A4 8305 5416  0910 DF0F 5BBC 30CD 0996
> uid                  Michael Stack <[EMAIL PROTECTED]>
> sub   2048R/00A5F21E 2010-05-03
> ---
>
> Jon.
>
>
> On Wed, Mar 14, 2012 at 10:06 AM, Stack <[EMAIL PROTECTED]> wrote:
>
>> On Wed, Mar 14, 2012 at 9:21 AM, Jonathan Hsieh <[EMAIL PROTECTED]> wrote:
>> > We need get the gpg signature fixed since you aren't in the web of trust
>> > yet.  We need to add stack's and I'd like to add mine once my keys get
>> > added to the web of trust (folks are a little more accessible here).
>> >
>>
>> I thought I signed it.
>>
>> if not, can check the bits and sign before release.
>>
>> Thanks for taking her for a spin Jon.
>> St.Ack
>>
>
>
>
> --
> // Jonathan Hsieh (shay)
> // Software Engineer, Cloudera
> // [EMAIL PROTECTED]

--
Todd Lipcon
Software Engineer, Cloudera
NEW: Monitor These Apps!
elasticsearch, apache solr, apache hbase, hadoop, redis, casssandra, amazon cloudwatch, mysql, memcached, apache kafka, apache zookeeper, apache storm, ubuntu, centOS, red hat, debian, puppet labs, java, senseiDB