www-infrastructure-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "William A. Rowe Jr." <wr...@rowe-clan.net>
Subject Re: Signing jars
Date Thu, 08 Sep 2011 19:50:11 GMT
On 9/8/2011 2:48 PM, Daniel Kulp wrote:
> The signing server would verify the gpgs as well (and maybe make sure the keys 
> are in an approved list or in the Apache web of trust or something) and then 
> sign the jars.

As gpg keys are in ldap, this bit is pretty trivial to resolve.

View raw message