commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <seb...@gmail.com>
Subject Re: [releasing] PGP keys for code signing
Date Tue, 05 May 2009 21:20:21 GMT
Why not try creating a signature for an existing Commons release, e.g. IO?

Upload it to your home directory on people, along with the public key,
and some of us can see if it is usable.

S.
On 05/05/2009, Siegfried Goeschl <siegfried.goeschl@it20one.at> wrote:
> Hi Christian,
>
>  as far as I remember CACert is about X.509 certificates and not PGP
>  keys. If that assumption is true than this key is not usable for
>  PGP-signing.
>
>  Cheers,
>
>
>  Siegfried Goeschl
>
>
>  Christian Grobmeier wrote:
>  > Hi all,
>  >
>  > I am sorry for asking dumb, but I am a complete idiot on all that
>  > encryption stuff.
>  > I read this: http://wiki.apache.org/commons/CreatingReleases
>  > and all the links in the section of signature keys. i understand how PGP works.
>  >
>  > I have a key created and this has been signed by CACert where I am
>  > fully assured and uploaded it to a keyserver.
>  > Question: is this a suitable key for code signing at apache?
>  >
>  > Thanks,
>  > Christian
>  >
>  > ---------------------------------------------------------------------
>  > To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
>  > For additional commands, e-mail: dev-help@commons.apache.org
>  >
>  >
>  >
>  >
>
>  ---------------------------------------------------------------------
>  To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
>  For additional commands, e-mail: dev-help@commons.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
For additional commands, e-mail: dev-help@commons.apache.org


Mime
View raw message