incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mohammad Nour El-Din <>
Subject Re: KEYS and releases
Date Mon, 27 Jun 2011 08:56:45 GMT

KEYS should not be distributed with a release, even if the central key
infrastructure is not used, at least release manager should point
people checking the release to where they can find  the KEYS so they
can check release signatures, which is normally the way used with most
of the projects I follow.

On Mon, Jun 27, 2011 at 7:21 AM, Christian Grobmeier
<> wrote:
>> It seems to me to be a bad idea to distribute keys with releases.
> +1
>> And don't
>> we already have some ASF-wide policy for managing keys?
> I don't know if there is a policy, but I recently found this:
> "PGP keys may additionally be added to your profile on
> This will cause them to be added to
>, and make them available to other
> infrastructure tools in the future."
> Then it would be available here:
> Why shouldn't all podlings use this a central keys file?
> Cheers
> Christian
> ---------------------------------------------------------------------
> To unsubscribe, e-mail:
> For additional commands, e-mail:

- Mohammad Nour
  Author of (WebSphere Application Server Community Edition 2.0 User Guide)
- LinkedIn:
- Blog:
"Life is like riding a bicycle. To keep your balance you must keep moving"
- Albert Einstein

"Writing clean code is what you must do in order to call yourself a
professional. There is no reasonable excuse for doing anything less
than your best."
- Clean Code: A Handbook of Agile Software Craftsmanship

"Stay hungry, stay foolish."
- Steve Jobs

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message