www-repository mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Henk P. Penning" <he...@cs.uu.nl>
Subject RE: Summary
Date Wed, 01 Mar 2006 23:37:41 GMT
On Wed, 1 Mar 2006, Noel J. Bergman wrote:

> Date: Wed, 1 Mar 2006 18:19:36 -0500
> From: Noel J. Bergman <noel@devtech.com>
> To: repository@apache.org
> Subject: RE: Summary
>
> > * jars must be: md5'd, sha1'd, pgp (.asc'd).
>
> Justification?  I only do PGP, nor do I see any need for anything else.

  Fine, great. Much better to concentrate on one mechanism,
  and strive for perfection. I'm pushing this agenda:

  -- every committer must have a pgp key in ~user/.pgpkey
  -- every release manager must be in the (apache) strong set

  Every new committer should be asked for a pgp key ;
  new-user script checks if the pubkey is on the keyservers ;
  puts user pubkey in ~user/.pgpkey ; emails initial password
  pgp encrypted to new user.

  Do you know where the CLA/new-user scripts live ?

> 	--- Noel

  HPP

----------------------------------------------------------------   _
Henk P. Penning, Computer Systems Group       R Uithof CGN-A232  _/ \_
Dept of Computer Science, Utrecht University  T +31 30 253 4106 / \_/ \
Padualaan 14, 3584CH Utrecht, the Netherlands F +31 30 251 3791 \_/ \_/
http://www.cs.uu.nl/staff/henkp.html          M penning@cs.uu.nl  \_/


Mime
View raw message