Il Lun 6 Lug 2020, 19:54 Rajan Dhabalia <rdhaba...@apache.org> ha scritto:
> Thank you Enrico for this initiative and it will be helpful for committers > whose KEY is expired or not signed yet. > > I think 8:30AM PDT should work. Can you share Date and invitation when it > will be convenient for you? > Works for me. Anyone who wants to join me and Rajan please reach me on slack, I will share the link. Enrico > > Thanks, > Rajan > > > > On Tue, Jun 30, 2020 at 3:33 AM Enrico Olivelli <eolive...@gmail.com> > wrote: > > > Hi, > > What about running a "Virtual Key-Signing Party" to perform signing of > our > > GPG keys ? > > > > This document about the "Apache Web of trust" will help understand this > > topic > > https://infra.apache.org/release-signing.html#web-of-trust > > > > Usually it works like this: > > - everybody in the meeting shows himself and an identity document > > - we exchange the fingerprints of our GPG keys > > - everybody "signs" the keys of the other participants to the party > > > > Everybody can join the party, no need to be a "committer". > > > > I can send an invitation for this party in a convenient time across the > > timezones of the participants, like around early morning (8:00/8:30 AM?) > in > > California and evening in Europe like we did many months ago for > Community > > meetings. > > > > > > Enrico > > >
