Thanks, that really sorted out my doubts :D, will do the rest asap. On Thu, Nov 10, 2016 at 1:28 AM, Dave Brondsema <d...@brondsema.net> wrote:
> The release script will sign the final Allura release file with PGP. Its > another way in addition to md5 and sha1 checks to know the release is > official. > With PGP keys you can sign each others keys and form a "web of trust" too. > > Can you put your public key fingerprint on your account at > https://id.apache.org/ ? Then it will show up at > http://people.apache.org/keys/group/allura.asc And I think we'll want > to copy > it to http://www.apache.org/dist/allura/KEYS manually too. Then people > will > know your key is part of the Allura project. > > > On 11/9/16 11:08 AM, Pranav Sharma wrote: > > Hi, > > > > I have set up PGP keys (locally and on mit pgp server server) as > required, > > in the release page, but was wondering what if the actual use for it? > > Though I know that they are used to encrypt emails. > > > > Thanks. > > > > > > -- > Dave Brondsema : d...@brondsema.net > http://www.brondsema.net : personal > http://www.splike.com : programming > <>< >
