commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henri Yandell <bay...@generationjava.com>
Subject RE: [doc] how to release - feedback
Date Tue, 02 Sep 2003 01:22:09 GMT


On Mon, 1 Sep 2003, Noel J. Bergman wrote:

> See: http://nagoya.apache.org/wiki/apachewiki.cgi?SigningReleases
>
> PGP is mentioned, but not elaborated upon.  I wrote the GPG instructions.
> Someone who uses PGP should contribute the matching instructions.
>
> However, I do not believe that signing should be done on minotaur.  It
> should be done on the Release Manager's personal system where (s)he has
> control over the private key.  I don't like the idea of having private keys
> on minotaur.

To be argumentative, shouldn't Apache have control over the keys though?

One plus reason for not using Apache servers: some kind of version change
or something has happened on minotaur as I get errors when running certain
commands.

As pgp is not working for me, I've no alternative but to go ahead with gpg
on my own box. :)

Hen


Mime
View raw message