incubator-general mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis E. Hamilton" <>
Subject RE: [VOTE] Release Apache Calcite 0.9.1 (incubating)
Date Mon, 13 Oct 2014 16:11:41 GMT
I suggest that the release manager and anyone else in the KEYS file should 
have added key fingerprints to their Apache profiles at <>.

This will have their PGP keys refreshed regularly under their Apache ID at 

With regard to an identifiable association of the key, presence in this 
manner connects the PGP key to The Apache ID by demonstration of control 
over the committer's Apache profile.

One can go farther by adding the to an User-ID on the key.
Verifying that one has control over that e-mail address (and all User-IDs)
Is done by registering the public key at the PGP Global Directory service at 
<> and completing the
ceremony specified there.  After the ceremony is completed, you can retrieve
your counter-signed PGP key from that service and synchronize it to a public
PGP key server.  The ASF will pick it up on a future refresh.

Use of the key from the Apache ID list has certain valuable properties.  It is
not fixed, as in the key files in the project and in distributions.  That means
any additional (web-of-trust) certifications of the keys association with a 
committer are updated automatically.  That includes any revocations.

 -- Dennis E. Hamilton    +1-206-779-9430  PGP F96E 89FF D456 628A
    X.509 certs used and requested for signed e-mail

-----Original Message-----
From: Justin Mclean [] 
Sent: Sunday, October 12, 2014 22:29
Subject: Re: [VOTE] Release Apache Calcite 0.9.1 (incubating)


> First, the signing key is present in SVN, but has not been uploaded to the
> standard key-servers, nor has it been signed by anyone.

I found it here:

Even if the key is part of a web trust it may not be part of everyone's web of trust. I'd
see that as a hard requirement to meet.

To unsubscribe, e-mail:
For additional commands, e-mail:

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message