Sean, I just added my pubkey and commited the KEYS file in MyFaces CVS root.
James, is it ok to sign another committers key if he adds and commits his key to the KEYS file? I mean, is CVS log history safe enough to trust a key on the basis of it? Thanks, -Manfred On Apr 11, 2005 8:10 PM, James Mitchell <[EMAIL PROTECTED]> wrote: > You'll definitely want to take advantage of the mirrors. I shouldn't have > to explain what impact you'll have if you don't. Onward and upward, let's > "face" it (pun intended) MyFaces is picking up steam. Everyone on the dev > team (committers) should be versed in how to branch and release (checksum et > al). > > This is probably redundant for most of you, but this is a good guide to > follow: > http://www.apache.org/dev/new-committers-guide.html > > (especially the part about umask) > > From the above link, there is a small section (PGP/MD5) that references this > link: > http://people.apache.org/~henkp/ (a good read) > > I have not actually signed a release (yet), so I can't say "oh, it's so > easy". You might ping Martin, Ted, or Craig (Struts) to see if they can > point you to a better resource or how-to. > > -- > James Mitchell > Software Engineer / Open Source Evangelist > Consulting / Mentoring / Freelance > EdgeTech, Inc. > 678.910.8017 > AIM: jmitchtx > Yahoo: jmitchtx > MSN: [EMAIL PROTECTED] > > > ----- Original Message ----- > From: "Sean Schofield" <[EMAIL PROTECTED]> > To: "MyFaces Development" <[email protected]> > Sent: Monday, April 11, 2005 11:07 AM > Subject: Need to sign release jars > > >I built and published the 1.0.9 release. Matthias said that we need > > to sign with PGP before the official announcement. Can someone help > > me out with this? We should probably do this ASAP since the jars are > > already available on the myfaces website. > > > > Also at some point we need to discuss mirroring and how that works or > > if its necessary. > > > > sean > > > >
