incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yoav Shapira" <>
Subject Re: Write-up on release signing/verification
Date Thu, 25 Jan 2007 16:48:37 GMT
That's cool, and very considerate of you to take the time to document
your process.  Thank you.

However, I'm not sure that we need to duplicate what's already
documented and followed by most ASF projects: and its links.  Instead, we should
work to update, amend, and extend that set of documents as applicable.


On 1/25/07, Thilo Goetz <> wrote:
> Hi,
> I have recently started to familiarize myself with release signing for
> the upcoming UIMA release.  I have documented my experiences on our web
> site, for developers here:
> (section "Signing a
> distribution")
> and for users here:
> I would really appreciate it if someone more knowledgeable than myself
> could give this a quick read and point out any glaring mistakes.  It's
> really short ;-)
> While I found good information on release signing on various Apache
> pages, I did not find corresponding information for users on what to do
> with the signature files.  If anybody knows of such information, could
> you let me know so I can link to it from our pages.  If there isn't,
> maybe what I wrote (after clean-up ;-) could be used as basis for a more
> general FAQ.
> Note that I don't have anything on cross-signing of keys and web of
> trust yet, I hope to add something on that at a later date.
> --Thilo
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message