Hi Jon I have published my key in pub 4096R/867B57B8 in the MIT PGP public key server.
Hope this is what you meant of publishing the key? Regards Ram -----Original Message----- From: Todd Lipcon [mailto:[email protected]] Sent: Tuesday, February 07, 2012 10:41 AM To: [email protected] Subject: Re: ANN: 0.90.6 RC3 available for download On Mon, Feb 6, 2012 at 8:37 PM, Jonathan Hsieh <[email protected]> wrote: > - Ram, I think if I understand the signing stuff properly, your gpg > signature needs to be verifed/signed by someone else in the "web of trust". Regarding signatures: if another committer reviews the release and is willing to stand by it, that committer can sign the artifact in lieu of Ram. So, if you vote +1 on the next release, Jon, you can sign it, and I can sign your key at the office to get you into the apache "web of trust". -Todd -- Todd Lipcon Software Engineer, Cloudera
