https://bz.apache.org/bugzilla/show_bug.cgi?id=65570
--- Comment #3 from Christopher Schultz <ch...@christopherschultz.net> --- (In reply to Sebb from comment #0) > The KEYS file at that level is used for all 9.x releases, and must therefore > contain the keys used for all the releases. > > Once a key used for a release has been added to a KEYS file, it should never > be removed. The process described above does not make that clear. +1 > The process seems needlessly complicated. > > Most other projects use a single KEYS file maintained at the project level: > https://dist.apache.org/repos/dist/release/tomcat/KEYS Take a look at the release history for Tomcat. There have been many release managers. We have decided to use separate release-based KEYS files to keep the files more manageable. For example, it's easier to see if a key is in the file when there aren't dozens of keys in it, especially if the same RM has used more than one key through the years. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org For additional commands, e-mail: dev-h...@tomcat.apache.org
