Hi, I have a question for our mentors: As part of the incoming Apache Bigtop (incubating) release, I am interested in starting to sign our convenience packages/repositories. I am afraid using the release manager key to sign released convenience packages/repositories would bring too much issues to be managed since it may change for each release. So what is Apache stance on using a release key to be shared between release managers or some other entity?
Note that this only applies to the convenience package/repositories, not the release itself. Thanks, Bruno
