On Mon, Jan 4, 2010 at 5:06 PM, Craig L Russell <[email protected]> wrote: > Hi Peter, > > From my perspective, you're good to go. The signature you made checks out. > > You'll need to put your public key into the svn repository associated with > the river project (if you need details after looking around, let me know -- > I'm a little hazy on the details).
i haven't been tracking the progress made by infra so you might need to check the archives but AFAIK we're still just using a KEYS files. this consists of ASCII-exported public keys (IIRC this is covered in the documentation). a good way to start a file is by copying the template from an existing one. > And I guess you're still awaiting a response whether your key is good > enough. Robert, any feedback? there are basically 3 things to check: 1. that both encryption and signing keys are 4096 RSA 2. that the keyring preferences are set to strong signing 3. that the key preferences are set to strong signing and AFAICT the key looks fine (probably need to find some time to update the documentation since the GnuPG team now seem to have set everything up okay by defaults for the new releases...) - robert
