[
https://issues.apache.org/jira/browse/WHIMSY-275?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16881655#comment-16881655
]
Sam Ruby commented on WHIMSY-275:
---------------------------------
At the moment, my sense is that [~mattsicker] knows more about how to fix this
than I do. He provided a pull request which - until now - I thought mitigated
the issue. I applied the pull request shortly after it was created. Did not
this not address the problem?
https://github.com/apache/whimsy/commit/780438f1967f3f475159b93f2e419c1b501f00ae
Meanwhile, we are waiting for the Ubuntu maintainers to package and ship an
updated version of gpg2. Since 16.04 is still under maintenance, it is
possible that the fix will be made available for that release. If not, we have
a rough handle on what it would take to upgrade whimsy to 18.04.
> GPG verification no longer working
> ----------------------------------
>
> Key: WHIMSY-275
> URL: https://issues.apache.org/jira/browse/WHIMSY-275
> Project: Whimsy
> Issue Type: Bug
> Components: SecMail
> Reporter: Matt Sicker
> Assignee: Craig L Russell
> Priority: Major
>
> After changing to keys.openpgp.org, no signatures can be verified in Whimsy.
> Take any of the recent .asc-signed ICLAs in the workbench and they'll all
> fail to verify the public key. If you try downloading those keys directly via
> gpg using keys.openpgp.org (or searching on their site), you'll find the
> appropriate keys, though Whimsy will still give a "no public key" error.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)
