incubator-jspwiki-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Craig Russell (JIRA)" <>
Subject [jira] Commented: (JSPWIKI-560) Developers tied into ASF PGP web of trust
Date Mon, 22 Jun 2009 20:13:07 GMT


Craig Russell commented on JSPWIKI-560:

The issue is not so much how many folks should be tied into the Apache WOT. Everyone who signs
releases needs to have a key (duh) and any key used to sign a release should be tied into
the WOT by being signed, and by having the owner sign others' keys.

Then the question is how many signatures on your keys are enough. One is enough, but more
is (are) better. Cross-signed keys are best.

> Developers tied into ASF PGP web of trust 
> ------------------------------------------
>                 Key: JSPWIKI-560
>                 URL:
>             Project: JSPWiki
>          Issue Type: Task
>            Reporter: Janne Jalkanen
>             Fix For: Graduating

This message is automatically generated by JIRA.
You can reply to this email to add a comment to the issue online.

View raw message