Thank you Enrico for this initiative and it will be helpful for committers whose KEY is expired or not signed yet.
I think 8:30AM PDT should work. Can you share Date and invitation when it will be convenient for you? Thanks, Rajan On Tue, Jun 30, 2020 at 3:33 AM Enrico Olivelli <eolive...@gmail.com> wrote: > Hi, > What about running a "Virtual Key-Signing Party" to perform signing of our > GPG keys ? > > This document about the "Apache Web of trust" will help understand this > topic > https://infra.apache.org/release-signing.html#web-of-trust > > Usually it works like this: > - everybody in the meeting shows himself and an identity document > - we exchange the fingerprints of our GPG keys > - everybody "signs" the keys of the other participants to the party > > Everybody can join the party, no need to be a "committer". > > I can send an invitation for this party in a convenient time across the > timezones of the participants, like around early morning (8:00/8:30 AM?) in > California and evening in Europe like we did many months ago for Community > meetings. > > > Enrico >
