RE: Code signing and WOT for releases

2016-07-28 Thread Martin Gainty
> From: orc...@apache.org > To: general@incubator.apache.org > Subject: RE: Code signing and WOT for releases > Date: Thu, 28 Jul 2016 10:05:05 -0700 > > > > > -Original Message- > > From: Martin Gainty [mailto:mgai...@hotmail.com] > &

RE: Code signing and WOT for releases

2016-07-28 Thread Dennis E. Hamilton
> -Original Message- > From: Martin Gainty [mailto:mgai...@hotmail.com] > Sent: Thursday, July 28, 2016 05:13 > To: general@incubator.apache.org > Subject: RE: Code signing and WOT for releases > > 4) how to find a public key certificate matching the ID in th

RE: Code signing and WOT for releases

2016-07-28 Thread Martin Gainty
__ > From: dennis.hamil...@acm.org > To: general@incubator.apache.org > Subject: RE: Code signing and WOT for releases > Date: Wed, 27 Jul 2016 10:01:59 -0700 > > > > -Original Message- > > From: Martin Gainty [mailto:mgai...@hotmail.

RE: Code signing and WOT for releases

2016-07-27 Thread Dennis E. Hamilton
> -Original Message- > From: Martin Gainty [mailto:mgai...@hotmail.com] > Sent: Wednesday, July 27, 2016 08:06 > To: general@incubator.apache.org > Subject: RE: Code signing and WOT for releases > > > > > From: dennis.hamil...@acm.org > > To: gene

RE: Code signing and WOT for releases

2016-07-27 Thread Martin Gainty
> From: dennis.hamil...@acm.org > To: general@incubator.apache.org > Subject: RE: Code signing and WOT for releases > Date: Tue, 26 Jul 2016 10:33:13 -0700 > > > > > -Original Message- > > From: Nick Kew [mailto:n...@apache.org] > > Sent: Tuesd

RE: Code signing and WOT for releases

2016-07-26 Thread Dennis E. Hamilton
> -Original Message- > From: Nick Kew [mailto:n...@apache.org] > Sent: Tuesday, July 26, 2016 02:25 > To: general@incubator.apache.org > Subject: Re: Code signing and WOT for releases > > On Tue, 2016-07-26 at 09:19 +0200, Thorsten Schöning wrote: > > Hi

Re: Code signing and WOT for releases

2016-07-26 Thread Nick Kew
On Tue, 2016-07-26 at 09:19 +0200, Thorsten Schöning wrote: > Hi all, > > the docs about release management for incubating projects make clear > that the release needs to be signed[1] and in the end associated with > the project AND the WOT of Apache in general[2]. I don't like that term "the

Re: Code signing and WOT for releases

2016-07-26 Thread Mark Thomas
On 26/07/2016 08:19, Thorsten Schöning wrote: > Hi all, > > the docs about release management for incubating projects make clear > that the release needs to be signed[1] and in the end associated with > the project AND the WOT of Apache in general[2]. > > Is there some way to check what the

Code signing and WOT for releases

2016-07-26 Thread Thorsten Schöning
Hi all, the docs about release management for incubating projects make clear that the release needs to be signed[1] and in the end associated with the project AND the WOT of Apache in general[2]. Is there some way to check what the owner of a PGP key for former releases has done to get his