On 18 July 2017 at 15:02, Stefan Bodewig <[email protected]> wrote: > > We shouldn't remove any key that has been used to sign a release in the > past. No matter how long in the past :-) >
What about expired keys? -- Matt Sicker <[email protected]>
- Re: [all] Removal of old pgp key from https://www.apache.org/d... Matt Sicker
