commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Henri Yandell <bay...@generationjava.com>
Subject Re: [io] Release question
Date Mon, 03 May 2004 12:38:34 GMT

Yep, I agree and now have a private build machine I can keep it on. Just
need to investigate how to migrate keys, especially if it's between pgp
and gpg.

Hen

On Mon, 3 May 2004, robert burrell donkin wrote:

> (the last thing i heard was that) the infrastructure advice on key
> management best practice was that private keys for key signing should
> not be stored on ASF machines.
>
> (the reasoning is that if the ASF machine is ever compromised, all keys
> stored on that machine would be suspect and therefore every release
> signed with that key would also be suspect. if release managers
> carefully store their own private keys then this attack requires a
> compromise of both the ASF machine and the local machine on which the
> release manager stores the private key.)
>
> personally, i'm now considering keeping my code signing private key on
> removable media with a hard copy backup.
>
> - robert
>
> On 2 May 2004, at 03:54, Henri Yandell wrote:
>
> >
> > Noel's helped me out. Seems it was migrated to the new machine. Could
> > have
> > sworn it wasn't working anymore :)
> >
> > Hen
> >
> > On Sat, 1 May 2004, Henri Yandell wrote:
> >
> >>
> >> I've cut a release for 1.0 and tagged it and am ready to call for a
> >> vote
> >> etc, but I also need to ask about PGP. I previously signed things
> >> with a
> >> key that was on icarus and is now lost. Is there any problem with me
> >> generating a new key? I've heard something about revoking keys etc.
> >>
> >> Reminds me yet again that I need to figure out pgp signing my email
> >> too.
> >>
> >> Hen
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
> >> For additional commands, e-mail: commons-dev-help@jakarta.apache.org
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: commons-dev-help@jakarta.apache.org
> >
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: commons-dev-help@jakarta.apache.org
>


---------------------------------------------------------------------
To unsubscribe, e-mail: commons-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: commons-dev-help@jakarta.apache.org


Mime
View raw message