On 6 October 2014 08:16, Stefan Bodewig <[email protected]> wrote: > >> Just a note on the GPG key, it might be a good idea to upgrade to a >> stronger one. 1024 bits keys are discouraged nowadays. > >> http://www.apache.org/dev/release-signing > > I know, but leaving behind a key that has accumulated signatures over > more than ten years is hard ...
I assume that the people who signed your key trust that it is still yours. If you use it to sign your new key, is that not sufficient? > Stefan > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
