You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@spark.apache.org by Sean Owen <sr...@apache.org> on 2019/05/18 13:15:53 UTC

Re: Signature verification failed

Moving to dev@
Ah, looks like it was added to
https://dist.apache.org/repos/dist/dev/spark/KEYS but not the final
dist KEYS file. I just copied it over now.

On Sat, May 18, 2019 at 7:12 AM Andreas Költringer
<an...@n-fuse.co> wrote:
>
> Hi,
>
> I wanted to download and verify (via signature) an Apache Spark package [1,2].
> The package is signed by lixiao@apache.org (Key 96F72F76830C0D1B). However,
> this key is not included in the KEYS file [3].
>
> I hope that it's just the key missing in the KEYS file, and not some nasty
> attack.
>
> [1] https://www-eu.apache.org/dist/spark/spark-2.4.3/spark-2.4.3-bin-hadoop2.7.tgz
> [2] https://www-eu.apache.org/dist/spark/spark-2.4.3/spark-2.4.3-bin-hadoop2.7.tgz
> [3] https://www.apache.org/dist/spark/KEYS
>
> regards,
>
> --
> Andreas Koeltringer
> Mail:   andreas.koeltringer@n-fuse.co
>
>
>
>

---------------------------------------------------------------------
To unsubscribe e-mail: dev-unsubscribe@spark.apache.org