On Thu, Aug 16, 2012 at 2:43 AM, Clint Modien <cmod...@gmail.com> wrote: > ...strange that Apache doesn't have a code signing process in place already… > seems like a pretty common requirement....
See http://www.apache.org/dev/release-signing for how releases are signed. You're right that the ASF doesn't currently have a standard process for digital certificates - the OpenOffice podling has been discussing this recently, see http://s.apache.org/Hii - I haven't followed the details. -Bertrand
