> On 19 Aug 2015, at 4:04 am, Dennis E. Hamilton <[email protected]> > wrote: > > I did some digging into the release and release-review procedures and I > noticed that one practice is to place a KEYS file in the same folder as the > release candidates (and then the release folder) on the Apache site where the > candidates are stored. This would include at least the public key that can > be used to verify the .asc digital signature on the RC. > > I think that can be done now, even with [VOTE]ing in progress, because it is > not about the substance of the [VOTE].
Or we could just use Jan’s public key as has been discussed ad infinitum on the list already. — Dr Peter M. Kelly [email protected] PGP key: http://www.kellypmk.net/pgp-key <http://www.kellypmk.net/pgp-key> (fingerprint 5435 6718 59F0 DD1F BFA0 5E46 2523 BAA1 44AE 2966)
