PGP key to sign the 8.6 branch

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

PGP key to sign the 8.6 branch

Bruno Roustant
Hi

I've been reading the PGP/GPG key part of the ReleaseTodo doc. https://cwiki.apache.org/confluence/display/LUCENE/ReleaseTodo
I created a 4K-bit key (with my apache.org email) and I uploaded it to MIT key server pgp.mit.edu last Thursday.

But there is a line in the doc that says my key should be signed by another committer. I asked David Smiley but it seems he encounters difficulties to get back my key from the server.
Could someone help us to understand the issue?

Thanks!

Bruno
Reply | Threaded
Open this post in threaded view
|

Re: PGP key to sign the 8.6 branch

Robert Muir
I have had problems with gpg last few hours too. pgp.mit.edu has been slow/not working even for my own key.
But if i use an alternative server it works better.

May not help you, as your key (6AD29C0A?) doesn't seem to exist on any of the other servers yet.

$ gpg --verbose --keyserver pgp.mit.edu --recv-keys 322D7ECA
gpg: keyserver receive failed: No keyserver available
$ gpg --verbose --keyserver keyserver.ubuntu.com --recv-keys 322D7ECA
gpg: data source: http://162.213.33.9:11371
gpg: key 817AE1DD322D7ECA: number of dropped non-self-signatures: 6
gpg: pub  rsa4096/817AE1DD322D7ECA 2009-11-05  Robert Muir (Code Signing Key) <[hidden email]>
gpg: key 817AE1DD322D7ECA: "Robert Muir (Code Signing Key) <[hidden email]>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

On Mon, Jun 29, 2020 at 10:09 AM Bruno Roustant <[hidden email]> wrote:
Hi

I've been reading the PGP/GPG key part of the ReleaseTodo doc. https://cwiki.apache.org/confluence/display/LUCENE/ReleaseTodo
I created a 4K-bit key (with my apache.org email) and I uploaded it to MIT key server pgp.mit.edu last Thursday.

But there is a line in the doc that says my key should be signed by another committer. I asked David Smiley but it seems he encounters difficulties to get back my key from the server.
Could someone help us to understand the issue?

Thanks!

Bruno
Reply | Threaded
Open this post in threaded view
|

Re: PGP key to sign the 8.6 branch

David Smiley
I've been trying to get Bruno's key and have had great difficulty.
I can find his key with the web interface: https://pgp.mit.edu/pks/lookup?search=broustant%40apache.org&op=vindex  

But at the CLI I can't find it:

This fails:

gpg --keyserver pgp.mit.edu --search-keys [hidden email]

gpg: searching for "[hidden email]" from hkp server pgp.mit.edu

gpg: key "[hidden email]" not found on keyserver


And so does:

gpg --keyserver pgp.mit.edu -v --recv-keys 0x377C3BA26AD29C0A

gpg: requesting key 6AD29C0A from hkp server pgp.mit.edu

gpg: keyserver timed out

gpg: keyserver receive failed: Keyserver error


~ David Smiley
Apache Lucene/Solr Search Developer


On Mon, Jun 29, 2020 at 10:33 AM Robert Muir <[hidden email]> wrote:
I have had problems with gpg last few hours too. pgp.mit.edu has been slow/not working even for my own key.
But if i use an alternative server it works better.

May not help you, as your key (6AD29C0A?) doesn't seem to exist on any of the other servers yet.

$ gpg --verbose --keyserver pgp.mit.edu --recv-keys 322D7ECA
gpg: keyserver receive failed: No keyserver available
$ gpg --verbose --keyserver keyserver.ubuntu.com --recv-keys 322D7ECA
gpg: data source: http://162.213.33.9:11371
gpg: key 817AE1DD322D7ECA: number of dropped non-self-signatures: 6
gpg: pub  rsa4096/817AE1DD322D7ECA 2009-11-05  Robert Muir (Code Signing Key) <[hidden email]>
gpg: key 817AE1DD322D7ECA: "Robert Muir (Code Signing Key) <[hidden email]>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

On Mon, Jun 29, 2020 at 10:09 AM Bruno Roustant <[hidden email]> wrote:
Hi

I've been reading the PGP/GPG key part of the ReleaseTodo doc. https://cwiki.apache.org/confluence/display/LUCENE/ReleaseTodo
I created a 4K-bit key (with my apache.org email) and I uploaded it to MIT key server pgp.mit.edu last Thursday.

But there is a line in the doc that says my key should be signed by another committer. I asked David Smiley but it seems he encounters difficulties to get back my key from the server.
Could someone help us to understand the issue?

Thanks!

Bruno
Reply | Threaded
Open this post in threaded view
|

Re: PGP key to sign the 8.6 branch

Bruno Roustant
I uploaded my key (6AD29C0A) to keyserver.ubuntu.com, pgp.surfnet.nl and hkps.pool.sks-keyservers.net and it can be retrieved now:

gpg --verbose --keyserver keyserver.ubuntu.com --recv-keys 6AD29C0A

gpg: data source: http://162.213.33.9:11371

gpg: pub  rsa4096/377C3BA26AD29C0A 2020-06-26  Bruno Roustant <[hidden email]>

gpg: key 377C3BA26AD29C0A: "Bruno Roustant <[hidden email]>" not changed

gpg: Total number processed: 1

gpg:              unchanged: 1


I still cannot connect to pgp.mit.edu

Le lun. 29 juin 2020 à 16:52, David Smiley <[hidden email]> a écrit :
I've been trying to get Bruno's key and have had great difficulty.
I can find his key with the web interface: https://pgp.mit.edu/pks/lookup?search=broustant%40apache.org&op=vindex  

But at the CLI I can't find it:

This fails:

gpg --keyserver pgp.mit.edu --search-keys [hidden email]

gpg: searching for "[hidden email]" from hkp server pgp.mit.edu

gpg: key "[hidden email]" not found on keyserver


And so does:

gpg --keyserver pgp.mit.edu -v --recv-keys 0x377C3BA26AD29C0A

gpg: requesting key 6AD29C0A from hkp server pgp.mit.edu

gpg: keyserver timed out

gpg: keyserver receive failed: Keyserver error


~ David Smiley
Apache Lucene/Solr Search Developer


On Mon, Jun 29, 2020 at 10:33 AM Robert Muir <[hidden email]> wrote:
I have had problems with gpg last few hours too. pgp.mit.edu has been slow/not working even for my own key.
But if i use an alternative server it works better.

May not help you, as your key (6AD29C0A?) doesn't seem to exist on any of the other servers yet.

$ gpg --verbose --keyserver pgp.mit.edu --recv-keys 322D7ECA
gpg: keyserver receive failed: No keyserver available
$ gpg --verbose --keyserver keyserver.ubuntu.com --recv-keys 322D7ECA
gpg: data source: http://162.213.33.9:11371
gpg: key 817AE1DD322D7ECA: number of dropped non-self-signatures: 6
gpg: pub  rsa4096/817AE1DD322D7ECA 2009-11-05  Robert Muir (Code Signing Key) <[hidden email]>
gpg: key 817AE1DD322D7ECA: "Robert Muir (Code Signing Key) <[hidden email]>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

On Mon, Jun 29, 2020 at 10:09 AM Bruno Roustant <[hidden email]> wrote:
Hi

I've been reading the PGP/GPG key part of the ReleaseTodo doc. https://cwiki.apache.org/confluence/display/LUCENE/ReleaseTodo
I created a 4K-bit key (with my apache.org email) and I uploaded it to MIT key server pgp.mit.edu last Thursday.

But there is a line in the doc that says my key should be signed by another committer. I asked David Smiley but it seems he encounters difficulties to get back my key from the server.
Could someone help us to understand the issue?

Thanks!

Bruno
Reply | Threaded
Open this post in threaded view
|

Re: PGP key to sign the 8.6 branch

David Smiley
I signed and sent the updated key to the ubuntu & sks-keyservers servers.  Before signing, via other communication channels, I verified that the hexadecimal key ID was authentic.

~ David Smiley
Apache Lucene/Solr Search Developer


On Tue, Jun 30, 2020 at 6:20 AM Bruno Roustant <[hidden email]> wrote:
I uploaded my key (6AD29C0A) to keyserver.ubuntu.com, pgp.surfnet.nl and hkps.pool.sks-keyservers.net and it can be retrieved now:

gpg --verbose --keyserver keyserver.ubuntu.com --recv-keys 6AD29C0A

gpg: data source: http://162.213.33.9:11371

gpg: pub  rsa4096/377C3BA26AD29C0A 2020-06-26  Bruno Roustant <[hidden email]>

gpg: key 377C3BA26AD29C0A: "Bruno Roustant <[hidden email]>" not changed

gpg: Total number processed: 1

gpg:              unchanged: 1


I still cannot connect to pgp.mit.edu

Le lun. 29 juin 2020 à 16:52, David Smiley <[hidden email]> a écrit :
I've been trying to get Bruno's key and have had great difficulty.
I can find his key with the web interface: https://pgp.mit.edu/pks/lookup?search=broustant%40apache.org&op=vindex  

But at the CLI I can't find it:

This fails:

gpg --keyserver pgp.mit.edu --search-keys [hidden email]

gpg: searching for "[hidden email]" from hkp server pgp.mit.edu

gpg: key "[hidden email]" not found on keyserver


And so does:

gpg --keyserver pgp.mit.edu -v --recv-keys 0x377C3BA26AD29C0A

gpg: requesting key 6AD29C0A from hkp server pgp.mit.edu

gpg: keyserver timed out

gpg: keyserver receive failed: Keyserver error


~ David Smiley
Apache Lucene/Solr Search Developer


On Mon, Jun 29, 2020 at 10:33 AM Robert Muir <[hidden email]> wrote:
I have had problems with gpg last few hours too. pgp.mit.edu has been slow/not working even for my own key.
But if i use an alternative server it works better.

May not help you, as your key (6AD29C0A?) doesn't seem to exist on any of the other servers yet.

$ gpg --verbose --keyserver pgp.mit.edu --recv-keys 322D7ECA
gpg: keyserver receive failed: No keyserver available
$ gpg --verbose --keyserver keyserver.ubuntu.com --recv-keys 322D7ECA
gpg: data source: http://162.213.33.9:11371
gpg: key 817AE1DD322D7ECA: number of dropped non-self-signatures: 6
gpg: pub  rsa4096/817AE1DD322D7ECA 2009-11-05  Robert Muir (Code Signing Key) <[hidden email]>
gpg: key 817AE1DD322D7ECA: "Robert Muir (Code Signing Key) <[hidden email]>" not changed
gpg: Total number processed: 1
gpg:              unchanged: 1

On Mon, Jun 29, 2020 at 10:09 AM Bruno Roustant <[hidden email]> wrote:
Hi

I've been reading the PGP/GPG key part of the ReleaseTodo doc. https://cwiki.apache.org/confluence/display/LUCENE/ReleaseTodo
I created a 4K-bit key (with my apache.org email) and I uploaded it to MIT key server pgp.mit.edu last Thursday.

But there is a line in the doc that says my key should be signed by another committer. I asked David Smiley but it seems he encounters difficulties to get back my key from the server.
Could someone help us to understand the issue?

Thanks!

Bruno