[
https://issues.apache.org/jira/browse/CASSANDRA-12239?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15389569#comment-15389569
]
T Jake Luciani commented on CASSANDRA-12239:
--------------------------------------------
I think the {KEYS} file is used for users to import all the developers public
keys for use in packages. That should ideally how we add new maintainers vs
adding one by one as suggested in the wiki.
It would be great if we had just one key, we could gpg encrypt and send the
key for maintainers. Alternatively, we could look at how bintray manages
private keys for teams. It will auto sign the artifacts for us, but we chose
to not do that since having bintray own the private key is insecure.
> Add mshuler's key FE4B2BDA to dist/cassandra/KEYS
> -------------------------------------------------
>
> Key: CASSANDRA-12239
> URL: https://issues.apache.org/jira/browse/CASSANDRA-12239
> Project: Cassandra
> Issue Type: Task
> Components: Packaging
> Reporter: Michael Shuler
> Assignee: Michael Shuler
> Fix For: 3.x
>
> Attachments: KEYS+mshuler.diff.txt
>
>
> I've started working on packaging with the 3.8 release and signed the staging
> artifacts with FE4B2BDA. This key will need to be added for the debian
> repository signature to function correctly, if it's released as-is, or
> perhaps [~tjake] will need to re-sign the release. Users will need to also
> fetch this new key and add to {{apt-key}}.
> {{KEYS}} patch attached.
> Assigned to myself, but I am not sure exactly where {{KEYS}} lives - in svn
> somewhere or a direct upload? :)
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
