corinthia-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jan i <>
Subject Re: [DISCUSS][PRE-VOTE] Release candidate 0.1
Date Fri, 14 Aug 2015 19:01:19 GMT
On 14 August 2015 at 20:54, Dennis E. Hamilton <>

> I am failing to be clear about something.
> Of course I am on the project.
> And I am reviewing a release candidate.
> My review is from the perspective of what a third party needs to know in
> order to obtain and use the release candidate, were it approved as a
> release.
> Isn't that the purpose of such review?  To assess what they will find and
> its nature with regard to Apache Project practices, etc.
> I do not need to be taught how to add a public key to my key ring, or how
> to find Jan's key on the list of Apache committer's keys.
> My question is as a reviewer, applying my beginner's mind as well as I
> can. I assume the third party is not on our dev@ list and is responding
> to an announcement of the availability of an incubator release.  I do not
> want to rely on tacit knowledge or what I could figure out as a
> knowledgeable participant on ASF Projects.  We're talking about something
> made available to the public.
> Is that understandable, now?
for sure it is understandable, just very unclear what the relation is to
checking if our release is ok. You seems to be several steps further and
concerned about the end-users.

May I politely suggest we concentrate on making sure the release will pass
all votes, then we can later add documentation on e.g. our web site for end

jan i.

>  - Dennis
> -----Original Message-----
> From: Peter Kelly []
> Sent: Friday, August 14, 2015 10:42
> To:
> Subject: Re: [DISCUSS][PRE-VOTE] Release candidate 0.1
> > On 15 Aug 2015, at 12:34 am, Dennis E. Hamilton <>
> wrote:
> >
> > I think it looks good to you because you signed it and you have the
> public key.
> >
> > I obviously do not have the public key of the signer.
> >
> > Furthermore, nowhere am I told that I need yours.  I am reviewing this
> as someone who is not on the project.
> My understanding is that you *are* on the project - these release
> candidates are intended for people who are on the project.
> Even if someone were not on the project, I don’t think it’s an
> unreasonable stretch to assume that Jan is the signer, or that at minimum a
> verification could be attempted using his public key.
> [ ... ]

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message