<SNIP>
>
> a key with a strong web of trust is not required by policy: just a
> signature
>
> it's best practice to use a key with a strong web of trust but it's
> more important that the release is signed by the release manager who
> cut the release. the signature is primarily to allow infrastructure
> and the release manager to verify that an artifact was create by the
> release manager. all that requires is that the private key is kept
> safe and secure.
>
> - robert 

Like I said before. I will step in and try to get the release stuff done ;-)

bye
Norman

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to