Thanks Dave, I think I'll try with some of my colleagues here. I'll let you know if I can make it.
-- Matteo Merli <matteo.me...@gmail.com> On Mon, Jul 24, 2017 at 1:06 PM, Dave Fisher <dave2w...@comcast.net> wrote: > > > On Jul 24, 2017, at 12:33 PM, Matteo Merli <matteo.me...@gmail.com> > wrote: > > > > Bay area. Who can I get to sign it? Can any other Apache committer (or > PMC > > from other projects) do it? > > Yes, if they have participated in a key signing. > > I am in the North Bay myself and recently met someone to sign their key. > We could make arrangements. Try me on Slack later. > > Regards, > Dave > > > > > -- > > Matteo Merli > > <matteo.me...@gmail.com> > > > > On Mon, Jul 24, 2017 at 12:27 PM, Dave Fisher <dave2w...@comcast.net> > wrote: > > > >> > >>> On Jul 24, 2017, at 12:23 PM, Matteo Merli <mme...@apache.org> wrote: > >>> > >>> On Mon, Jul 24, 2017 at 11:39 AM, Dave Fisher <dave2w...@comcast.net> > >> wrote: > >>>> > >>>>> Does for podlings work in the same way as for TLPs? Should we design > a > >>>>> release manager? > >>>> > >>>> Yes. I see you created a KEYS file. If someone else is Release Manager > >>>> then they can add their key as well. > >>>> > >>>> BTW - Is your Key Signed and in the Web of Trust? > >>>> > >>> > >>> Dave, I have created the key as per http://apache.org/dev/openpgp.html > >>> and I have summarized the steps into a wiki page at > >>> https://github.com/apache/incubator-pulsar/wiki/Create- > >> GPG-keys-to-sign-release-artifacts > >>> > >>> I didn't see how to sign the key itself and didn't get a chance to > >> exchange > >>> it. > >> > >> Someone else would need to sign your key after physically validating > your > >> IDs. This is not an absolute requirement. Where in the world are you > >> located? > >> > >> Regards, > >> Dave > >> > >