geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Jencks <david_jen...@yahoo.com>
Subject Does maven provide any support for re-signing artifacts with longer keys?
Date Sat, 28 Nov 2009 22:45:55 GMT
Apache has recently requested that all apache releases be signed with  
4096 bit keys and SHA512, see http://www.apache.org/dev/openpgp.html

I've released some artifacts using maven signed with an older 1024 bit  
key and most likely SHA1.

Is there any maven support for re-signing these older artifacts with a  
new longer key?  If not, does anyone have any advice for a non-maven  
way to do it?

thanks
david jencks


Mime
View raw message