[
https://issues.apache.org/jira/browse/WHIMSY-275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16881576#comment-16881576
]
Matt Sicker commented on WHIMSY-275:
------------------------------------
There was a brand new release of gpg today (2.2.17) which has mitigated the
DDoS issue. If we update the whimsy version of gpg, we can revert back to using
sks-keyservers again.
> GPG verification no longer working
> ----------------------------------
>
> Key: WHIMSY-275
> URL: https://issues.apache.org/jira/browse/WHIMSY-275
> Project: Whimsy
> Issue Type: Bug
> Components: SecMail
> Reporter: Matt Sicker
> Assignee: Craig L Russell
> Priority: Major
>
> After changing to keys.openpgp.org, no signatures can be verified in Whimsy.
> Take any of the recent .asc-signed ICLAs in the workbench and they'll all
> fail to verify the public key. If you try downloading those keys directly via
> gpg using keys.openpgp.org (or searching on their site), you'll find the
> appropriate keys, though Whimsy will still give a "no public key" error.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
