Nick,
I had no luck in my immediate network of colleagues. I probably won't be
able to have my key signed in the next few weeks. Should I pass the torch
(practice release of 3.10beta2) to someone else?
Thank you.
Best,
Tim
-----Original Message-----
From: Nick Burch [mailto:[email protected]]
Sent: Monday, July 29, 2013 5:16 PM
To: [email protected]
Subject: Re: svn commit: r1508180 - /poi/trunk/KEYS
On Mon, 29 Jul 2013, [email protected] wrote:
> Author: tallison
> Date: Mon Jul 29 18:58:26 2013
> New Revision: 1508180
>
> URL: http://svn.apache.org/r1508180
> Log:
> added key to KEYS
Quick reminder for everyone who might be helping with releases - you want
to get your PGP key into the web of trust, so that people can more easily
confirm that it's a valid key that signed it. Ideally that would be the
ASF WoT <http://www.apache.org/dev/openpgp.html#apache-wot-link>, but as a
stop-gap getting your key signed by one or two people involved in other
Open Source things is a good start.
To get into the ASF web of trust, either pop along to an Apache event (if
there is one near you in time), or use the "Nearby People" app to find
yourself an Apache person near you - http://community.zones.apache.org/ -
and meet them for a drink and to get your key signed. (People in large
companies might be able to cheat by finding another committer on the same
campus, and just swing by their desk!) Failing that, pop along to
something like your local JUG or LUG, and find one or two people there to
sign your key.
Nick
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
