incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christian Grobmeier <>
Subject Re: Correct process for signing keys?
Date Sun, 02 Jun 2013 08:23:54 GMT
Hi Andrew,

here are some basic docs:

I could not find information on your specific question. At log4php we were
curious recently about the same and decided to go with this:

But we made sure it would match this:

Basically my understanding is the one from people would be fine alone.
There is some danger people would take the KEYS file from a mirror which is
to my knowledge not possible from people.

My 2 cents- hopefully somebody with more knowledge on that matter (infra)
can add a note.


On Thu, May 30, 2013 at 10:44 PM, Andrew Phillips <>wrote:

> Hi all
> Apologies in advance if this is not the correct audience for this
> question: what is the correct process now for publishing signing keys for
> releases? jclouds currently has a KEYS file [1]; there is another
> (different) file containing keys in the groups list [2] on people.apache,
> and most individual committers *also* have their personal keys
> automatically retrieved via people.apache (e.g. [3]).
> In an email thread on this topic Brian (McCallister) indicated that:
>  Upon investigation, if release signing keys are published via
>>**keys/ <> then
>> we don't need a KEYS file and should remove it.
>> -Brian
> In that case, I'd be grateful if you could give some guidance on what the
> validity of the other approaches (KEYS file published somewhere or group
> KEYS file) is, and what we should do with those files, if anything.
> Thanks!
> Andrew
> [1]**incubator/jclouds/KEYS<>
> [2]**keys/group/jclouds.asc<>
> [3]**keys/committer/andrewp.asc<>
> ------------------------------**------------------------------**---------
> To unsubscribe, e-mail: general-unsubscribe@incubator.**<>
> For additional commands, e-mail: general-help@incubator.apache.**org<>


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message