incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "John D. Ament" <johndam...@apache.org>
Subject Re: Looking for GPG key signers in Boston area
Date Mon, 19 Jun 2017 17:29:52 GMT
Is there a guide you're getting that from?  When I look at [1] it seems we
trust the public registries, so nothing else should be needed.

John

[1]: https://www.apache.org/info/verification.html


On Mon, Jun 19, 2017 at 1:28 PM Eric Friedrich (efriedri) <
efriedri@cisco.com> wrote:

> Thanks John-
>   My key is already listed there and is present in the KEYS file as well.
>
> Doesn’t the key also need to be verified by others at Apache to be
> considered valid?
>
> —Eric
>
> > On Jun 19, 2017, at 1:12 PM, John D. Ament <johndament@apache.org>
> wrote:
> >
> > I think all you have to do is upload it via https://pgp.mit.edu/
> ...........
> >
> > John
> >
> > On Mon, Jun 19, 2017 at 1:11 PM Eric Friedrich (efriedri) <
> > efriedri@cisco.com> wrote:
> >
> >> Apologies for this slightly unorthodox use of the mailer.
> >>
> >> I’m in the process of preparing a release for the Traffic Control
> podling.
> >> As the RM, I have to use my GPG key to sign the release.
> >>
> >> However, my GPG key is not yet tied into the web of trust and we cannot
> >> pass the vote because of this.
> >>
> >> Is there anyone in the Boston area (preferably South or metro-west) that
> >> would be willing to meet and verify my key ownership?
> >>
> >> Thanks!
> >> Eric
> >>
> >>
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message