You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@sling.apache.org by Radu Cotescu <ra...@apache.org> on 2020/02/25 10:53:06 UTC

Olli's key (forked from Re: [VOTE] Release Apache Sling Servlets Resolver 2.6.0)

Hi Olli,

> On 24 Feb 2020, at 22:51, Oliver Lietz <ap...@oliverlietz.de> wrote:
> 
> 
> That's strange, my updated keys are available on key servers, e.g.:
> 
> http://keys.gnupg.net/pks/lookup?
> op=vindex&fingerprint=on&search=0x3A3F9BA60E4B0826
> 
> Is anyone else encountering issues with my key?

I think there was an issue on my side, but I cannot pinpoint it. Here’s what I did:

$ gpg --list-keys olli@apache.org
pub   rsa4096 2013-09-10 [SCEA] [expired: 2020-01-01]
      CFF2A1BF15608B70F269EA803A3F9BA60E4B0826
uid           [ expired] Oliver Lietz <ol...@apache.org>

Then I refreshed the keys from a PGP server, namely from hkps://keys.openpgp.org.

I noticed only this change for your key:
gpg: key 3A3F9BA60E4B0826: "Oliver Lietz <ol...@apache.org>" 5 signatures cleaned

But the primary key was still expired. BTW, the signatures for your release were generated with your sub-key (fingerprint=1DC34D8D31B911424E80CA345BFA4941B9652429).

I then reimported the keys from our sling.asc file and noticed this change for your key:
gpg: key 3A3F9BA60E4B0826: "Oliver Lietz <ol...@apache.org>" 6 new signatures

Now I see this:
gpg --list-keys olli@apache.org
pub   rsa4096 2013-09-10 [SCEA] [expires: 2021-12-31]
      CFF2A1BF15608B70F269EA803A3F9BA60E4B0826
uid           [ unknown] Oliver Lietz <ol...@apache.org>
sub   rsa4096 2013-09-10 [SEA] [expires: 2021-12-31]

So I have no idea what happened and where…

Long story short, now your key looks ok.

Cheers,
Radu