These things are best done face-to-face. Think about it: the purpose of a signed public key is so that I can be absolutely sure that it was you who signed the release. Not someone who gained temporary access to your email address.
Is there someone in your company who is in the web of trust? Are you going to a conference or meetup sometime soon? Julian > On Jul 7, 2016, at 9:22 PM, Michael Wu <mchl....@gmail.com> wrote: > > Hi dev group, > > Could anyone that has certified gpg key help sign my gpg pub-key, please? > > My public key is at: http://people.apache.org/keys/committer/mw.asc > My apache email address is: m...@apache.org > > Anything else has to be provided, please do let me know. Thanks! > > Michael
