incubator-flex-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Om <bigosma...@gmail.com>
Subject [MENTOR] .p12 file for releasing InstallApacheFlex
Date Mon, 27 Aug 2012 07:51:10 GMT
> Dave:
>
>

> Is it possible to derive these p12 files from KEYS? I think it is likely,
>> if so we have a path to signing of these artifacts by project release
>> managers
>>
>
> I will investigate this approach.  I have limited knowledge about this,
> but I believe that OpenSSL might help us here.  Will let you know soon.
>
>

Dave,

I tried this using gnupg and openssl without any luck.  Unless someone
knows how to do it, I have hit a dead end.

Erik and I have come up with this proposal to move forward.  Please let us
know your thoughts/suggestions.

For the binary releases:
* Erik de Bruin and I are the release managers for this tool
* We will create a new .p12 with a secure password.  We will NOT not check
the .p12 file in to SVN.
* I will create the Windows release on my machine using the .p12 file to
sign the AIR app
* I will securely email the .p12 file and the password (in separate emails)
to Erik de Bruin
* Erik creates the Mac release using the same .p12 file
* Erik and I sign the respective releases using our PGP keys in the Apache
Way.

For the source release:
 * I will create a compressed file with the source code and sign it with my
PGP key

Are we missing something?

Thanks,
Om

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message