incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "George Aroush" <>
Subject RE: Some help with Lucene.Net release
Date Sun, 18 Mar 2007 00:18:04 GMT
Thanks Bertrand!

All: must the key be signed by someone other then me?  If so, can someone
from ASF do so?


-- George

-----Original Message-----
From: [] On Behalf Of
Bertrand Delacretaz
Sent: Saturday, March 17, 2007 2:29 PM
Subject: Re: Some help with Lucene.Net release

On 3/17/07, George Aroush <> wrote:

>... I generated the MD5 and SHA file based on:
> using the commands:
>   $ gpg --print-md MD5 [fileName] > [fileName].md5..

I'll let others comment as to whether this is a usually accepted format. I
have the impression that I've always seen keys in the md5 or md5sum format.
i.e. what you'd get running:

  md5sum [fileName] > [fileName].md5

But I don't know if this is a requirement of the ASF.

(the command is sometimes named md5, not md5sum, depending on your platform)

> ...As for your comment about the ASC file, I'm not sure what you mean 
> by "your key hasn't been signed by anyone"?  Can you tell me how to 
> fix it if this is a problem?..

People doing releases try to have their PGP keys signed by other ASF people,
in order to build a web of trust, see
for more info, or Henk's pages at

I don't think a key that is not signed by others is a problem w.r.t.
doing releases, but if you can get it signed at some point it's better IMHO.


To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message