On 18 July 2017 at 15:02, Stefan Bodewig <bode...@apache.org> wrote: > > We shouldn't remove any key that has been used to sign a release in the > past. No matter how long in the past :-) >
What about expired keys? -- Matt Sicker <boa...@gmail.com>
- Re: [all] Removal of old pgp key from https://www.apache.org/d... Matt Sicker
