You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@any23.apache.org by "Robert P. Goldman (Jira)" <ji...@apache.org> on 2020/09/10 17:17:00 UTC
[jira] [Closed] (ANY23-452) Apache Any23 GPG signatures don't check
[ https://issues.apache.org/jira/browse/ANY23-452?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert P. Goldman closed ANY23-452.
-----------------------------------
Resolution: Invalid
> Apache Any23 GPG signatures don't check
> ---------------------------------------
>
> Key: ANY23-452
> URL: https://issues.apache.org/jira/browse/ANY23-452
> Project: Apache Any23
> Issue Type: Bug
> Components: CLI
> Affects Versions: 2.3
> Environment: MacOS Catalina
> $ gpg --version
> gpg (GnuPG) 2.2.20
> libgcrypt 1.8.5
> gpg2 command aliases to the same version.
> Reporter: Robert P. Goldman
> Priority: Major
>
> When I download the CLI archives from [http://any23.apache.org/download.html] I get bad signatures, checking as follows:
>
> {noformat}
> rpg@rpg-mbp-2: /tmp $ gpg2 --verify apache-any23-cli-2.3.tar.gz.asc
> gpg: assuming signed data in 'apache-any23-cli-2.3.tar.gz'
> gpg: Signature made Mon Feb 11 11:58:35 2019 CST
> gpg: using RSA key DB7B5199121C08A5C8F4052B3A4717F048BAEBF6
> gpg: BAD signature from "Lewis John McGibbney (CODE SIGNING KEY) <le...@apache.org>" [unknown]
> rpg@rpg-mbp-2: /tmp $ gpg --verify apache-any23-cli-2.3.tar.gz.asc
> gpg: assuming signed data in 'apache-any23-cli-2.3.tar.gz'
> gpg: Signature made Mon Feb 11 11:58:35 2019 CST
> gpg: using RSA key DB7B5199121C08A5C8F4052B3A4717F048BAEBF6
> gpg: BAD signature from "Lewis John McGibbney (CODE SIGNING KEY) <le...@apache.org>" [unknown]
> rpg@rpg-mbp-2: /tmp $ gpg --verify apache-any23-cli-2.3.zip.asc
> gpg: assuming signed data in 'apache-any23-cli-2.3.zip'
> gpg: Signature made Mon Feb 11 12:09:59 2019 CST
> gpg: using RSA key DB7B5199121C08A5C8F4052B3A4717F048BAEBF6
> gpg: BAD signature from "Lewis John McGibbney (CODE SIGNING KEY) <le...@apache.org>" [unknown]
> rpg@rpg-mbp-2: /tmp $ gpg2 --verify apache-any23-cli-2.3.zip.asc
> gpg: assuming signed data in 'apache-any23-cli-2.3.zip'
> gpg: Signature made Mon Feb 11 12:09:59 2019 CST
> gpg: using RSA key DB7B5199121C08A5C8F4052B3A4717F048BAEBF6
> gpg: BAD signature from "Lewis John McGibbney (CODE SIGNING KEY) <le...@apache.org>" [unknown]{noformat}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)