incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Thilo Goetz <>
Subject Write-up on release signing/verification
Date Thu, 25 Jan 2007 16:19:18 GMT

I have recently started to familiarize myself with release signing for 
the upcoming UIMA release.  I have documented my experiences on our web 
site, for developers here: (section "Signing a 

and for users here:

I would really appreciate it if someone more knowledgeable than myself 
could give this a quick read and point out any glaring mistakes.  It's 
really short ;-)

While I found good information on release signing on various Apache 
pages, I did not find corresponding information for users on what to do 
with the signature files.  If anybody knows of such information, could 
you let me know so I can link to it from our pages.  If there isn't, 
maybe what I wrote (after clean-up ;-) could be used as basis for a more 
general FAQ.

Note that I don't have anything on cross-signing of keys and web of 
trust yet, I hope to add something on that at a later date.


To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message