[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: [hackathon] Keysigning

From: C. Michael Pilato <cmpilato_at_collab.net>
Date: Mon, 02 May 2011 13:20:30 -0400

On 04/27/2011 02:42 AM, Daniel Shahaf wrote:
> We're planning to encourage key signing during the hackathon week.
> To facilitate this, we'd like to collect all the key fingerprints in
> advance, in order to prepare and distribute a $spreadsheet with
> fingerprints to attendees.
> At this point I'd like to suggest to collect the PGP keys in the tree.
> This is in line with ASF practice, allows for more easily verifying
> our releases' signatures, and makes collecting keys a once-and-for-all
> task.
> So, I propose that we recommend committers to add their then-current
> preferred PGP keys (used for key signing and release signing, feel free
> to add other keys if you want) to ^/subversion/site/keys/$username.asc .

I wonder if we couldn't reduce data duplication by instead recommending that
committers update their Apache-wide FOAF data with this information? (See
http://people.apache.org/foaf/index.html for instructions.)

C. Michael Pilato <cmpilato_at_collab.net>
CollabNet   <>   www.collab.net   <>   Distributed Development On Demand

Received on 2011-05-02 19:21:01 CEST

This is an archived mail posted to the Subversion Dev mailing list.

This site is subject to the Apache Privacy Policy and the Apache Public Forum Archive Policy.