On Jan 12, 2008 1:31 PM, Robert Burrell Donkin < [EMAIL PROTECTED]> wrote:
> new releases need to follow the revised distribution policy. some > initial document is available at > > http://incubator.apache.org/guides/releasemanagement.html#release-distribution > but please ask on the general list before distributing a new release. > the tuscany community will need to take some decisions so please take > a look now. > > - robert > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > Hi Robert Thanks for the pointer. Haven't got into the the detail of the release distribution documentation you refer to yet but something did catch my eye. In the section on mirroring ( http://incubator.apache.org/guides/releasemanagement.html#understanding-mirroring) there is a sentence... " The artifacts are downloaded from machines outside Apache control so users must verify them. While the mirrored release artifacts (gzipped tar files and zip jar files are the most common artifacts) must be used, the mirrored checksums, KEYS and signature files (.asc and .md5 files) must *never* be used. All links must refer to the original documents on www.apache.org." Can I confirm that what this is saying is that the download page, and any associated mirroring scripts, that the Tuscany Incubator project presents must ensure that the user links to zip/gz from a mirror and links to checksums, signatures etc from http://www.apache.org/dist/incubator/, I.e. this sentence is about Tuscany getting it's web page right rather than something a user has to do explicitly. Regards Simon
