Le 18/07/13 14:52, Suresh Marru a écrit :
A good question. A key certainly can be renewed and extended the expiry time. But I never thought of this and makes me wonder. As you can read here - http://www.gnupg.org/gph/en/manual.html#AEN329 the key expiry is associated with the key's self sign. So I am not sure how will the integrity be preserved. I am sure there will be a way and ASF has experts who can answer this question. But to start with, I would not worry about it but will poke around at leisure.
Thanks a lot for the information. Looking at Apache documentation, the examples that I saw seem to create keys with unlimited validity time.
According [1], we need to create a JIRA ticket for Nexus authorization to deploy artefacts in the "org.apache.sis" namespace. Do we already have this authorization, or should I create a ticket?
[1] http://www.apache.org/dev/publishing-maven-artifacts.html#signing-up
