Vincent's key is now properly signed and listed in a public directory - so that error should no longer appear. It was that error though which prompted me to ask if we should have contributors sign their commits.
>From the feedback so far, it seems unnecessary, and undesirable. -r On Thu, Jul 12, 2018 at 10:29 AM, Bertrand Delacretaz < [email protected]> wrote: > On Tue, Jul 10, 2018 at 10:02 PM Matt Rutkowski <[email protected]> > wrote: > > ...signed, tagged releases are just fine by me... > > Note that releases which cannot be traced to an Incubator PMC vote are > *not* Apache Releases, whoever does them does so under their own > responsibility. > > OTOH, Apache Releases are acts of the Foundation, which is how the ASF > provides legal protection. > > http://www.apache.org/dev/release-publishing.html and > http://www.apache.org/legal/release-policy.html provide more details. > > -Bertrand >
