On Oct 1, 2009, at 6:20 PM, Matt Hogstrom wrote:
Did you get your "key" where it needs to be ?
On Sep 22, 2009, at 12:17 PM, Josh Thompson wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Based on Kevan's input, we'll go with options 2 and 3 - a tag to
make it easy
to see what the RC was based off of, and an actual RC artifact that
people
can vote on.
I'll go ahead and add that to the "Cutting a VCL Release" and then
start on
the process outlined on that page. I can go ahead and sign it with
my key,
but I still need to get my key into the ASF WOT somehow.
See http://www.apache.org/dev/release-signing.html#keys-policy
You'll want a KEYS file in SVN and in the release dist directory.
Though good to have, it's not necessary to be in the Apache Web of
Trust.
--kevan