On Aug 10, 2011, at 10:38 AM, Stefan Bodewig wrote: > I'd propose to not keep the signing key of future releases secret but > simply keep the full keypair inside the source tree. > > Stefan
I'm fine with that as long as it is a different key than that which signed the earlier releases which had some at least implied promise of signing key secrecy that we should not undo. Likely that would mean that we would need to build assemblies with the previous key for those who want a dropin replacement for earlier log4net and figure out if we want to distribute compiled assembles with the open key or just distribute the source.
