On 2011-02-19, Troy Howard wrote: > Have either of you gone through the process of making a signed release > yourselves?
I'm not sure whether we are taling about the same kind of signing here. In have OpenPGP signed the archive that het distributed several times and this is really pretty simple once you have a key - preferrably one that is well connected. If you talk about strong naming assemblies then I don't have any experience how a well designed scheme of sharing the key between several developers might work. As the maintainer of XMLUnit I'd be interested in a good solution myself. Stefan