Why not try creating a signature for an existing Commons release, e.g. IO? Upload it to your home directory on people, along with the public key, and some of us can see if it is usable.
S. On 05/05/2009, Siegfried Goeschl <[email protected]> wrote: > Hi Christian, > > as far as I remember CACert is about X.509 certificates and not PGP > keys. If that assumption is true than this key is not usable for > PGP-signing. > > Cheers, > > > Siegfried Goeschl > > > Christian Grobmeier wrote: > > Hi all, > > > > I am sorry for asking dumb, but I am a complete idiot on all that > > encryption stuff. > > I read this: http://wiki.apache.org/commons/CreatingReleases > > and all the links in the section of signature keys. i understand how PGP > works. > > > > I have a key created and this has been signed by CACert where I am > > fully assured and uploaded it to a keyserver. > > Question: is this a suitable key for code signing at apache? > > > > Thanks, > > Christian > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
