You are correct Josh. There is no need to be in the ASF WOT.
Regards,
Alan
On Oct 7, 2009, at 9:29 AM, Josh Thompson wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Matt & Kevan,
I just remembered I hadn't responded to these.
Matt - I have added my key to the KEYS file in svn.
Unless anyone is really against the idea, I'm going to go with what
Kevan
pointed out that my key isn't required to be in the Apache WOT.
Josh
On Thursday October 01, 2009, Kevan Miller wrote:
On Oct 1, 2009, at 6:20 PM, Matt Hogstrom wrote:
Did you get your "key" where it needs to be ?
On Sep 22, 2009, at 12:17 PM, Josh Thompson wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Based on Kevan's input, we'll go with options 2 and 3 - a tag to
make it easy
to see what the RC was based off of, and an actual RC artifact that
people
can vote on.
I'll go ahead and add that to the "Cutting a VCL Release" and then
start on
the process outlined on that page. I can go ahead and sign it with
my key,
but I still need to get my key into the ASF WOT somehow.
See http://www.apache.org/dev/release-signing.html#keys-policy
You'll want a KEYS file in SVN and in the release dist directory.
Though good to have, it's not necessary to be in the Apache Web of
Trust.
--kevan
- --
- -------------------------------
Josh Thompson
Systems Programmer
Advanced Computing | VCL Developer
North Carolina State University
josh_thomp...@ncsu.edu
919-515-5323
my GPG/PGP key can be found at pgp.mit.edu
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFKzMH5V/LQcNdtPQMRAg7SAJoDpCGHzctg4yLyVQJAqAzg1KGP1QCeOEO+
CXVRqozpc6eNVFGmOk62zgg=
=ruhq
-----END PGP SIGNATURE-----