> Yeah. I am hoping to get a free personal certificate for my > apache.org email > address. Perhaps we could all do that, and then we can all > potentially sign > the Jars needed for download. > > As long as the foundation has no objections to this approach > (having us sign > jars, and packages from other Apache projects like ORO) with > our apache.org > email account), it should work well.
I've managed, after a bit of hair pulling, to remeber how to arrange this certificate stuff. So now I have a valid Thawte Personal Email certificate for my [EMAIL PROTECTED] email address. I've also managed to sign the 3 jars necesarry to run Chainsaw via webstart (this means that I sign the jakarta-oro jar too in this case). Tested internally, works nice, although JavaWebStart gives a small warning to say "Hey, are you ok with this certificate?", which I am 80% it'll do with ANY certificate... I think. What I could do is copy up the latest jars to the website, modify the Chainsaw page to point to the Webstart installation, and people could give it a whirl..... Anyone have any objections? (Hell, you users can always opt to say "No way do I trust [EMAIL PROTECTED]") Then, periodically, I could resign the log4j and log4j-chainsaw jars as they are updated and copy them back up to the webserver. How does that sound to people? BTW, I found this URL incredibly useful: http://www.dallaway.com/acad/webstart/ cheers, Paul Smith --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
