incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ted Dunning <ted.dunn...@gmail.com>
Subject Re: [VOTE] Release Apache Calcite 0.9.1 (incubating)
Date Mon, 13 Oct 2014 18:39:31 GMT
On Mon, Oct 13, 2014 at 2:05 PM, Marvin Humphrey <marvin@rectangular.com>
wrote:

> > Even if the key is part of a web trust it may not be part of everyone's
> web
> > of trust. I'd see that as a hard requirement to meet.
>
> The last time this came up, Daniel Shahaf suggested an excellent solution:
>
>     http://s.apache.org/U57
>
>     No one said that a release need have only one signature...
>
>     1) RM prepares tarball, signs, uploads for voting
>     2) voting passes
>     3) mentor appends his signature to the .asc file
>     4) artifacts posted to dist/
>
>     That solves the problem for end users until the RM attends a keysigning
>     party.


Duh.

Excellent solution.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message