commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Matt Sicker <boa...@gmail.com>
Subject Re: [all] Removal of old pgp key from https://www.apache.org/dist/commons/KEYS
Date Wed, 19 Jul 2017 19:03:32 GMT
I think so.

On 19 July 2017 at 10:46, Gary Gregory <garydgregory@gmail.com> wrote:

> On Jul 19, 2017 08:43, "Matt Sicker" <boards@gmail.com> wrote:
>
> On 18 July 2017 at 15:02, Stefan Bodewig <bodewig@apache.org> wrote:
> >
> > We shouldn't remove any key that has been used to sign a release in the
> > past. No matter how long in the past :-)
> >
>
> What about expired keys?
>
>
> Can't those still be used to validate old releases?
>
> Gary
>
>
> --
> Matt Sicker <boards@gmail.com>
>



-- 
Matt Sicker <boards@gmail.com>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message