+1 Built from source using Java 8 on ubuntu14.
Next I’ll test with fortress using apacheds/mavibot M8. Will let you know how it goes but no reason to hold up the vote. Shawn > On Aug 10, 2015, at 1:43 AM, Emmanuel Lécharny <[email protected]> wrote: > > My +1. > > > I do agree that a 4096 keys is better for releases, although the current > requirement is "Committers with a DSA key or an RSA key of length *less > than* 2048 bits should generate a new key for signing releases" . > > Kiran's ky is 2048 bits long, whihc is strictly speaking, the bare > minimum to cut a release. I suspect this will not hold for ever, it's > probably a good move to generate this 4096 bits long key before the next > release. > > > Packages and tag checked, signature checked. > > Note that the sign.sh script is not part of the release, and it's hust a > tool that is provided to release managers, for convenience. Also note > that the XXX.asc files get signed too, which is unnecessary : tis is a > by-product of the release+sign.sh script. I usually remove them before > pushing the package son people.a.o... > > Thanks Kiran ! >
