> Note that "thawtepersonalfreemailca" is on the list... Yup, that's how we got Chainsaw working internally. I had to sign the dependant jars too (so I signed the ORO jars needed by Chainsaw). I however registered my "lawlex.com.au" email address, which is not something someone outside our business would necessarily trust.
> > Once Paul gets his key signed by Thawte Personal Freemail CA, > he can sign > the relevant jar files. If users complain or do not trust > Paul's signature, > we can jump in by getting our own certificates and either sign Paul's > signatures or sign the relevant jars or even both. > > Paul, the above sounds very much like what you had mind, correct? Yeah. I am hoping to get a free personal certificate for my apache.org email address. Perhaps we could all do that, and then we can all potentially sign the Jars needed for download. As long as the foundation has no objections to this approach (having us sign jars, and packages from other Apache projects like ORO) with our apache.org email account), it should work well. cheers, Paul Smith --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
