thanks again for helping. Although my idea was much more someone else having a key more trusted should sign the release, not trust my key.
If no one volunteers to sign it I will continue with my untrusted one, seems to be better than nothing to me ;)
Oliver
robert burrell donkin wrote:
On 10 Feb 2004, at 11:10, Oliver Zeigermann wrote:
<snip>
P.S.#2: My key has not been trusted by anyone. For the final release we will need a better solution. Maybe someone else signing it?
AIUI the (ASF) best practice is (at this time) to insist on face-to-face signings only. (IIRC the ASF will have access to some more hardware shortly and once a machine is available for key management, this recommendation may change.)
that means you'll have to give folks a (rough) indication of where you're based before signings can be arranged.
- robert
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
