| [jsp-dev] Looking for Signing key authenticity |
Forgive my intrusion. I am looking to locally validate the jar file jakarta.servlet.jsp-api version 3.0.0 which is signed by keyed 0x1FE771E34EF57D42 [1] > uid Eclipse Project for JSP <jsp-dev@xxxxxxxxxxx> Which is to say this mailing list. Can someone point me to where you have published this key? Yes, I can get it from the ubuntu key server but I need someone to who can speak on behalf of the project to announce that it is valid. See for instance this page [2] for slf4j. I'm also looking for 0x6D9567281201E5E3 [3] used by the sister project jakarta.servlet-api I'm hoping that once I know how to find the signing keys for one eclipse project the rest will be similar (as they are for Apache projects) Thank you Rod [1] https://keyserver.ubuntu.com/pks/lookup?search=0x1FE771E34EF57D42&fingerprint=on&op=index [2] https://github.com/qos-ch/slf4j/blob/master/SECURITY.md [3] http://keyserver.ubuntu.com/pks/lookup?search=0x6D9567281201E5E3&fingerprint=on&op=index