Thanks Dave, I think I'll try with some of my colleagues here. I'll let you
know if I can make it.



--
Matteo Merli
<matteo.me...@gmail.com>

On Mon, Jul 24, 2017 at 1:06 PM, Dave Fisher <dave2w...@comcast.net> wrote:

>
> > On Jul 24, 2017, at 12:33 PM, Matteo Merli <matteo.me...@gmail.com>
> wrote:
> >
> > Bay area. Who can I get to sign it? Can any other Apache committer (or
> PMC
> > from other projects) do it?
>
> Yes, if they have participated in a key signing.
>
> I am in the North Bay myself and recently met someone to sign their key.
> We could make arrangements. Try me on Slack later.
>
> Regards,
> Dave
>
> >
> > --
> > Matteo Merli
> > <matteo.me...@gmail.com>
> >
> > On Mon, Jul 24, 2017 at 12:27 PM, Dave Fisher <dave2w...@comcast.net>
> wrote:
> >
> >>
> >>> On Jul 24, 2017, at 12:23 PM, Matteo Merli <mme...@apache.org> wrote:
> >>>
> >>> On Mon, Jul 24, 2017 at 11:39 AM, Dave Fisher <dave2w...@comcast.net>
> >> wrote:
> >>>>
> >>>>> Does for podlings work in the same way as for TLPs? Should we design
> a
> >>>>> release manager?
> >>>>
> >>>> Yes. I see you created a KEYS file. If someone else is Release Manager
> >>>> then they can add their key as well.
> >>>>
> >>>> BTW - Is your Key Signed and in the Web of Trust?
> >>>>
> >>>
> >>> Dave, I have created the key as per http://apache.org/dev/openpgp.html
> >>> and I have summarized the steps into a wiki page at
> >>> https://github.com/apache/incubator-pulsar/wiki/Create-
> >> GPG-keys-to-sign-release-artifacts
> >>>
> >>> I didn't see how to sign the key itself and didn't get a chance to
> >> exchange
> >>> it.
> >>
> >> Someone else would need to sign your key after physically validating
> your
> >> IDs. This is not an absolute requirement. Where in the world are you
> >> located?
> >>
> >> Regards,
> >> Dave
> >>
>
>

Reply via email to