Christopher Dunn
Christopher Dunn
`0.8.0` is signed. Please let me know if that works before I sign other releases. I uploaded the pgp public key `1E069516` to `keys.gnupg.net`.
Thanks, Peter.
Bad news. I had my laptop stolen. The keys were password-protected, so no worries. But I might have to create a new signing key. Hopefully I'll have time this weekend.
I just signed with a new signing key. Try it again.
That was signed with an older key. It should work now.
``` sh $ gpg --verify jsoncpp-0.10.2.tar.gz.asc gpg: assuming signed data in `jsoncpp-0.10.2.tar.gz' gpg: Signature made Mon Jun 29 00:35:08 2015 CDT using RSA key ID 3FFC2B3B gpg: Good signature from...
Try this one: - https://github.com/open-source-parsers/jsoncpp/releases/tag/0.10.4 I think I had changed the tag for yours, because I lost the old signing key. But the latest should be signed properly.
I haven't changed the procedure since when it was working. All that changed is the signing key, which I have published. ``` make -f dev.makefile sign ``` > Please ask...
- https://github.com/open-source-parsers/jsoncpp/releases/tag/0.10.5 Could you try the signature one more time? I just explicitly copy/pasted my public key armor to the MIT server. I'll try to get someone else to verify...
I'm thinking to switch to GitHub's new ["Signature Verification"](https://github.com/blog/2144-gpg-signature-verification). Any objection?