Hi,
I started fiddling with commons-openpgp in December (and others have
been meaning to do more in general since about 2004, as you'll see on
the wiki), so I've started putting together a repository security
proposal for Maven 2.1.
http://docs.codehaus.org/display/MAVEN/Repository+Security+Improvements
Any thoughts?
Most of the PGP bits are already done, so is anyone interested in
working on this on trunk? I can continue doing bits, and also stuff
related to the repository manager, but probably don't have time to work
through it all.
Probably one of the trickier bits is deployment right now (appropriately
secure and convenient password entry in particular), but that's probably
something that can be added post-release since we are manually signing
them just fine now.
Cheers,
Brett
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
