Hi,
I have recently started to familiarize myself with release signing for
the upcoming UIMA release. I have documented my experiences on our web
site, for developers here:
http://incubator.apache.org/uima/distribution.html (section "Signing a
distribution")
and for users here:
http://incubator.apache.org/uima/downloads.html#VerifyDownload
I would really appreciate it if someone more knowledgeable than myself
could give this a quick read and point out any glaring mistakes. It's
really short ;-)
While I found good information on release signing on various Apache
pages, I did not find corresponding information for users on what to do
with the signature files. If anybody knows of such information, could
you let me know so I can link to it from our pages. If there isn't,
maybe what I wrote (after clean-up ;-) could be used as basis for a more
general FAQ.
Note that I don't have anything on cross-signing of keys and web of
trust yet, I hope to add something on that at a later date.
--Thilo
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
