You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@maven.apache.org by Jason Pyeron <jp...@pdinc.us> on 2020/02/19 18:26:49 UTC
RE: [maven] Re: Is key 0x0CDE80149711EB46DFF17AE421A24B3F8B0F594A for Karl Heinz Marbaise trusted?
> -----Original Message-----
> From: Karl Heinz Marbaise
> Sent: Wednesday, February 19, 2020 1:07 PM
>
> Hi,
>
> On 19.02.20 17:04, Ward, Evan wrote:
> > Hi,
> >
> > I have been attempting to verify the signatures on maven plugins using
> > the instructions on the downloads page, e.g. [1]. Several plugins have
> > been signed by the key 0x0CDE80149711EB46DFF17AE421A24B3F8B0F594A which
<snip/>
> > If so please add it to the keys file. Karl has other keys in the KEYS file - is there a reason this
> specific key is not trusted?
>
> What do you mean exactly by "not trusted" ? ...You are checking via gpg
> --verify ?
I think he meant that it is not included in the Apache Maven "Authorized" signing keys list found at:
<snip/>
> > [2] https://www.apache.org/dist/maven/KEYS
--
Jason Pyeron | Architect
PD Inc |
10 w 24th St |
Baltimore, MD |
.mil: jason.j.pyeron.ctr@mail.mil
.com: jpyeron@pdinc.us
tel : 202-741-9397
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org