Hi, Forgive me for top posting.
Some things that may help: - Unusually release are only signed by the RM (but you can have others sign it as well) - It’s best to use your apache email address (but it’s not required) - A key signing party is a good idea - Emails don’t have to be signed (although some projects sign announce emails) - Signatures go into a KEYS file so people can verify the release artefacts Thanks, Justin
