On Wed, Apr 15, 2009 at 12:33:22PM +0100, Ian Boston wrote: > I am probably too distant to anyone to do the signing, I running the > maven release:perform at the moment, but I dont think anything is > getting signed, or at least i am not being asked form gpg passphrase. > > Ian
Probably one of the easiest ways to get nicely tied in into the global gpg web of trust is for (some of) the people here to get their keys signed by some Debian developer. We could simply make a list of everyone's location and send it to the debian-devel list, or I can make a request to the -private list if there are concerns about publicly posting that.
