incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Niclas Hedhman" <>
Subject Re: Key signing practicalities Was: status of PGP support in Maven
Date Wed, 24 Sep 2008 08:00:30 GMT
On Wed, Sep 24, 2008 at 2:36 PM, Janne Jalkanen <>wrote:

> So you assume that that can not be hacked? What if a
>> signing key *IS* in KEYS but not signed by anyone (because the developer
>> has never attended an Apache key signing event)?
> Which reminds me - if one does not attend an Apache key signing event
> (which tend to be in faraway countries, traveling to which usually means
> parting with lots of cash), how *does* one get the key signed?  Is there a
> regional list somewhere?
> Any people near Helsinki, Finland who are willing to have a coffee and sign
> my key? ;-)

Yes, asking for people on community@ in your "not faraway country" is one
way to do it. Another is that I am sure you travel once in a while, and
before going there, you can ask if someone is up for a coffee and


  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message