Hi Dan,
a few bits and pieces from my memory
+) see http://www.apache.org/dev/release-signing.html
+) upload your key to the key server
+) join a key-signing party
+) at Apache Commons I did my first release before joining a key signing
party - that is possible but not encouraged
Cheers,
Siegfried Goeschl
On 1/30/11 7:05 PM, Dan Haywood wrote:
As I now understand things, I don't need a key to publish a snapshot,
but I will need a key to do the first 0.1 release when we get to that
point.
In preparation for then, I've generated a public key and added to the
Isis Keys file, as per [1].
Do I also need to publish my key to the http://pgp.mit.edu key server? I
found some documentation [2] that suggests that it is necessary?
Thanks
Dan
[1] https://cwiki.apache.org/confluence/display/ISIS/GeneratingPgpKeys
[2] http://maven.apache.org/developers/release/pmc-gpg-keys.html ...
penultimate paragraph near the end
