http://incubator.apache.org/incubation/Incubation_Policy.html
Under the conditions of incubator graduation:
â Releases are PGP signed by a member of the community
http://www.apache.org/dev/mirrors.html
Under goals:
â All releases must be signed by the release manager.
On Mar 8, 2005, at 3:33 AM, Ceki GÃlcà wrote:
Nicko,
As far as I know, signing releases is not a mandatory step.
At 08:46 PM 3/7/2005, Nicko Cadell wrote:
I have created a PGP key pair, exported it to http://pgp.mit.edu/,
added
it to the KEYS.txt in the root of the logging-log4net repository.
I think I have done all the procedural things, and now I just need it
to
be cross signed by other keys.
Nicko
