On Oct 1, 2009, at 6:20 PM, Matt Hogstrom wrote:

Did you get your "key" where it needs to be ?

On Sep 22, 2009, at 12:17 PM, Josh Thompson wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Based on Kevan's input, we'll go with options 2 and 3 - a tag to make it easy to see what the RC was based off of, and an actual RC artifact that people
can vote on.

I'll go ahead and add that to the "Cutting a VCL Release" and then start on the process outlined on that page. I can go ahead and sign it with my key,
but I still need to get my key into the ASF WOT somehow.

See http://www.apache.org/dev/release-signing.html#keys-policy

You'll want a KEYS file in SVN and in the release dist directory. Though good to have, it's not necessary to be in the Apache Web of Trust.

--kevan

Reply via email to