Which better agrees with written policy anyway- the sigs are part of the release package to be voted on and voted on by the PMC, so even tho it constitutes individual sigs those sigs (well at least the RM's sig) are PMC-approved.
----- Original Message ----- > From: Greg Stein <gst...@gmail.com> > To: gene...@incubator.apache.org > Cc: "ooo-dev@incubator.apache.org" <ooo-dev@incubator.apache.org> > Sent: Monday, August 27, 2012 1:03 PM > Subject: Re: [VOTE] Apache OpenOffice Community Graduation Vote > > On Aug 27, 2012 9:57 AM, "Jim Jagielski" <j...@jagunet.com> > wrote: >> ... >> But recall in all this that even when the PMC releases code, it is >> signed by the individual RM, and not by the PMC itself. > > Apache Subversion releases tend to have a half-dozen signatures. Thus, I'd > say they are signed by the PMC. For example: > > https://dist.apache.org/repos/dist/release/subversion/subversion-1.7.6.tar.bz2.asc > > Cheers, > -g >
