One of the steps that must take place before releasing a release tarball is to have the release managers digitally sign the tarball.
Hakan, Jignesh, Harshad I think you all are the release managers. Please follow this guide http://quickstep.apache.org/release-signing/ to 1) create a key pair 2) upload the public key to a public keyserver 3) (bonus for now) add the public key to a KEYS file in the root of quickstep. When the release tarball is ready, we can sign it. To be fair, I'm not totally sure how this works because it seems to me that everyone has to sign the release with their private key, meaning that it must be uploaded to each PC where the private key is held, then signed? That seems cumbersome. Anyways, steps 1,2 are straightforward and need to be done before we resolve that last problem. Cheers, Marc
