All, You may be aware that the ASF infra team has been working on getting a code signing service set up.
The test project for this is Apache Tomcat and we are at the point where we are ready to do our first real signing. So why am I writing to the Commons dev list? Daemon. Tomcat uses Commons Daemon so we'd like to build the signed Tomcat release with signed Commons Daemon binaries. I have the signing for the Tomcat build automated but the Commons one is manual for now so there are no tools to check in. The ASF will eventually need a Maven plugin to do signing as part of the build. If anyone would like volunteer (I have a simple Ant plug-in written) let me know. Shortly I will be starting a release vote for a signed version of Commons Daemon 1.0.15. This will be exactly the same as the binaries we have already shipped apart from that the Windows binaries in the packages will be signed executables. I plan to stage them alongside the existing 1.0.15 binaries rather than replace them. Eventually, I expect the Daemon release process to generate signed binaries. Any questions, just ask. Mark --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org