geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Re: Does maven provide any support for re-signing artifacts with longer keys?
Date Sat, 28 Nov 2009 22:54:13 GMT
meant to send this to a maven list... but any info great~

thanks
david jencks

On Nov 28, 2009, at 2:45 PM, David Jencks wrote:

> Apache has recently requested that all apache releases be signed  
> with 4096 bit keys and SHA512, see http://www.apache.org/dev/openpgp.html
>
> I've released some artifacts using maven signed with an older 1024  
> bit key and most likely SHA1.
>
> Is there any maven support for re-signing these older artifacts with  
> a new longer key?  If not, does anyone have any advice for a non- 
> maven way to do it?
>
> thanks
> david jencks
>


Mime
View raw message