ASF subversion and git services commented on SINGA-456:

Commit a5a3221b45621163c9f1ad601a91be2daaeeb30c in incubator-singa's branch 
refs/heads/master from Wei Wang
[ https://gitbox.apache.org/repos/asf?p=incubator-singa.git;h=a5a3221 ]

Merge pull request #530 from moazreyad/SINGA-456

SINGA-456 Add KEYS file

> Adding more PGP Keys
> --------------------
>                 Key: SINGA-456
>                 URL: https://issues.apache.org/jira/browse/SINGA-456
>             Project: Singa
>          Issue Type: Improvement
>            Reporter: Moaz Reyad
>            Priority: Major
>         Attachments: KEYS
>          Time Spent: 20m
>  Remaining Estimate: 0h
> Currently the SINGA [KEYS |https://www.apache.org/dist/incubator/singa/KEYS] 
> file has only one PGP key which is expiring this September (it needs to be 
> updated). This means only one person can sign the releases. While other 
> projects like CouchDB for example, have several keys in the [KEYS 
> |https://www.apache.org/dist/couchdb/KEYS] file.
> It will be useful if every active Apache committer in the team create a PGP 
> key and uploads the Public Key Primary Fingerprint to his account using 
> [Apache Account Utility|https://id.apache.org/]. Then append the new key to 
> the SINGA KEYS file.
> Furthermore, the keys themselves can be signed for more trust. SINGA team can 
> exchange key signatures between them or organize a [key signing 
> party|https://www.apache.org/dev/release-signing#key-signing-party]. This 
> will help adding more SINGA committers into the [Apache Web of 
> Trust|https://www.apache.org/dev/release-signing#web-of-trust]. 
> I attach with this issue the KEYS file with my key appended at the end. 

This message was sent by Atlassian Jira

Reply via email to