• Type: Bug Bug
    • Status: Open
    • Priority: Minor Minor
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: Future
    • Component/s: Tools, Build & Test
    • Labels:
    • Environment:

      Mac OS X


      I get a warning when I verify the PGP signature of 0.4.0-incubating release. I am not enough of a PGP expert to know whether this is a serious concern.

      $ gpg --keyserver --recv-key 6B5FA695
      gpg: requesting key 6B5FA695 from hkp server
      gpg: key AB10D143: public key "Jacques Nadeau <>" imported
      gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model
      gpg: depth: 0  valid:   1  signed:   0  trust: 0-, 0q, 0n, 0m, 0f, 1u
      gpg: Total number processed: 1
      gpg:               imported: 1  (RSA: 1)
      $ gpg --verify apache-drill-0.4.0-incubating.tar.gz.asc apache-drill-0.4.0-incubating.tar.gz
      gpg: Signature made Thu Jul 31 07:48:05 2014 PDT using RSA key ID 6B5FA695
      gpg: Good signature from "Jacques Nadeau <>"
      gpg: WARNING: This key is not certified with a trusted signature!
      gpg:          There is no indication that the signature belongs to the owner.
      Primary key fingerprint: BA97 595F EA79 095C AC43  C07E DF2B E030 AB10 D143
           Subkey fingerprint: 2A4A FF9C 7531 2FB4 0116  62A4 C2C6 022A 6B5F A695

      My environment is as follows:

      $ uname -a
      Darwin HW10571.local 13.3.0 Darwin Kernel Version 13.3.0: Tue Jun  3 21:27:35 PDT 2014; root:xnu-2422.110.17~1/RELEASE_X86_64 x86_64
      $ gpg --version
      gpg (GnuPG) 1.4.16
      Copyright (C) 2013 Free Software Foundation, Inc.
      License GPLv3+: GNU GPL version 3 or later <>
      This is free software: you are free to change and redistribute it.
      There is NO WARRANTY, to the extent permitted by law.
      Home: ~/.gnupg
      Supported algorithms:
      Pubkey: RSA, RSA-E, RSA-S, ELG-E, DSA
      Cipher: IDEA, 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH,
              CAMELLIA128, CAMELLIA192, CAMELLIA256
      Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
      Compression: Uncompressed, ZIP, ZLIB, BZIP2



          • Assignee:
            Julian Hyde
          • Votes:
            0 Vote for this issue
            2 Start watching this issue


            • Created: