Am 17.11.2015 um 00:06 schrieb Scott Kostyshak <skost...@lyx.org>:
> On Tue, Nov 17, 2015 at 12:01:16AM +0100, Stephan Witt wrote:
>> Am 16.11.2015 um 23:50 schrieb Scott Kostyshak <skost...@lyx.org>:
>>
>>> On Mon, Nov 16, 2015 at 05:48:03PM -0500, Richard Heck wrote:
>>>> On 11/16/2015 05:39 PM, Scott Kostyshak wrote:
>>>>> On Mon, Nov 16, 2015 at 10:59:09AM +0100, Stephan Witt wrote: >> Am
>>>>> 14.11.2015 um 20:24 schrieb Scott Kostyshak <skost...@lyx.org>:
>>>>>>>>> Dear all, >>> >>> If you have time, please download the LyX
>>>> 2.2.0alpha1 tar and test that >>> it compiles/installs as expected. It
>>>> is located here: >>> >>>
>>>> ftp://ftp.lyx.org/pub/lyx/devel/lyx-2.2/lyx-2.2.0alpha1/ >>> >>> Also if
>>>> you can, please check that it verifies correctly. This is my >>> first
>>>> time signing a tar ball. >> >> The signature is ok. The build on Mac OS
>>>> X works. > > Thanks for checking these. > >> I've uploaded the result
>>>> here: >> >>
>>>> https://dl.dropboxusercontent.com/u/27842660/LyX-2.2.0alpha1%2Bqt5-x86_64-cocoa.dmg
>>>>>>
>>>> https://dl.dropboxusercontent.com/u/27842660/LyX-2.2.0alpha1%2Bqt5-x86_64-cocoa.dmg.sig
>>>>>>>> I've used Qt 5.5.1 to build it. > > Good choice. > > The key you
>>>> used to sign expired a year and a half ago: > > $ gpg --verify *sig >
>>>> gpg: assuming signed data in `LyX-2.2.0alpha1+qt5-x86_64-cocoa.dmg' >
>>>> gpg: Signature made Mon 16 Nov 2015 04:09:30 AM EST using RSA key ID >
>>>> EE614DC4 > gpg: Good signature from "LyX on Mac OS X (Signing LyX disk
>>>> images) > <sw...@lyx.org>" > gpg: Note: This key has expired! > Primary
>>>> key fingerprint: 4154 4A61 DBB7 7561 47C1 DD4F A149 7996 EE61 > 4DC4 >
>>>> $ > > Is this a problem? > I imagine it is not a problem for alpha, and
>>>> that I should go ahead and > upload your .dmg but I wanted to check first.
>>>>
>>>> Just to be clear: You should resign this with the LyX key. Stephan's
>>>> signature is only to guarantee to you that the binary is valid and from
>>>> him.
>>>
>>> Ah thanks for pointing this out. I actually did not know that. I will
>>> resign.
>>
>> Yes, please. At the time I made the key I gave it a time limit. Then I've
>> published it. Later - after the expiration, I made a new one and Vincent
>> "complained" that this key isn't published. I realized then that I can extend
>> the period of validity and did that. But now the key servers don't accept
>> this.
>> I don't know how to deal with that, sorry :(
>
> Not a problem at all for me. I just wanted to double-check.
>
> Indeed, it is nice if the key is published. This should be easy with the
> command
>
> gpg --send-keys B6470BEB
>
> where B6470BEB is the ID you want to publish. It seems you have tried
> something like that and the keyserver gave an error? What is the error
> from that command?
I've sent it already anno 2011.
This is my current attempt to follow your advice:
$ gpg --send-keys EE614DC4
gpg: sende Schlüssel EE614DC4 auf den hkp-Server keys.gnupg.net
gpg: Schlüsselserver-Zeitüberschreitung
gpg: Senden an Schlüsselserver fehlgeschlagen: Schlüsselserverfehler
$ LANG=C gpg --send-keys EE614DC4
gpg: sending key EE614DC4 to hkp server keys.gnupg.net
$ LANG=C gpg --search-keys sw...@lyx.org
gpg: searching for "sw...@lyx.org" from hkp server keys.gnupg.net
(1) LyX on Mac OS X (Signing LyX disk images) <sw...@lyx.org>
2048 bit RSA key EE614DC4, created: 2011-03-09, expires: 2014-03-08
(expired)
(2) Stephan Witt <sw...@lyx.org>
LyX on Mac OS X (Signing LyX disk images) <sw...@lyx.org>
2048 bit RSA key F7BCC31C, created: 2011-03-09
Keys 1-2 of 2 for "sw...@lyx.org". Enter number(s), N)ext, or Q)uit > q
$
Note the missing error message while trying to send the key with LANG=C.
Stephan
