I don't think there's a need to sign emails.

We just sign the release tarballs and those signatures go into a .sig
file that people can download and use to verify the tarballs.

Thanks... I obviously don't know what I am going.  Just following through Apache checklists as I run across them.

Greg

Reply via email to