incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Niclas Hedhman <>
Subject ASF Web of Trust [was: Release Distribution Strategy]
Date Sun, 28 Oct 2007 07:57:34 GMT
On Sunday 28 October 2007 06:24, Noel J. Bergman wrote:
> Perhaps
> we should add some information on getting into the Web of Trust, although
> that is really a general committer item, not Incubator specific.

I am not very security fluent, and perhaps someone could explain to me;

What is the difference of being an Apache committer/Member with the *signed* 
ICLA, which indeed is a legal document, and that other ASF folks has seen 
your driver's license (et al) and signed you into the web of trust?

From my perspective, the latter is not legally binding and at the most act as 
some form of "someone has identified it to be a real person with that 

FWIW, I think ASF should increase the efforts in the ASF Web of Trust, both 
getting more people engaged (like myself, I can't figure out the practical 
details on how to go about it) as well as tooling support for verifications.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message