[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

[hackathon] Keysigning

From: Daniel Shahaf <danielsh_at_elego.de>
Date: Wed, 27 Apr 2011 09:42:44 +0300

We're planning to encourage key signing during the hackathon week.
To facilitate this, we'd like to collect all the key fingerprints in
advance, in order to prepare and distribute a $spreadsheet with
fingerprints to attendees.

At this point I'd like to suggest to collect the PGP keys in the tree.
This is in line with ASF practice, allows for more easily verifying
our releases' signatures, and makes collecting keys a once-and-for-all
task.

So, I propose that we recommend committers to add their then-current
preferred PGP keys (used for key signing and release signing, feel free
to add other keys if you want) to ^/subversion/site/keys/$username.asc .

(Bikeshed: I'm going for site/keys/ for two reasons: it doesn't
belong in trunk for the same reason trunk/www/ was moved out, and having
it under site/ means we all have one less working copy to worry about.)

If people don't like having the keys in svn, feel free to just send me
the keys (or fingerprints thereof) that you'd like signed at the
hackathon, that would address the immediate need. (In this case I'll
also grab all keys used to sign any 1.6.x release.)

Thanks,

Daniel
Received on 2011-04-27 08:43:43 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.