All,

You may be aware that the ASF infra team has been working on getting a
code signing service set up.

The test project for this is Apache Tomcat and we are at the point where
we are ready to do our first real signing. So why am I writing to the
Commons dev list? Daemon.

Tomcat uses Commons Daemon so we'd like to build the signed Tomcat
release with signed Commons Daemon binaries. I have the signing for the
Tomcat build automated but the Commons one is manual for now so there
are no tools to check in.

The ASF will eventually need a Maven plugin to do signing as part of the
build. If anyone would like volunteer (I have a simple Ant plug-in
written) let me know.

Shortly I will be starting a release vote for a signed version of
Commons Daemon 1.0.15. This will be exactly the same as the binaries we
have already shipped apart from that the Windows binaries in the
packages will be signed executables. I plan to stage them alongside the
existing 1.0.15 binaries rather than replace them. Eventually, I expect
the Daemon release process to generate signed binaries.

Any questions, just ask.

Mark

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org
For additional commands, e-mail: dev-h...@commons.apache.org

Reply via email to