Hi, Can one of the mentors please respond? I was hoping to make a release of InstallApacheFlex soon.
Thanks, Om On Mon, Aug 27, 2012 at 12:51 AM, Om <bigosma...@gmail.com> wrote: > > Dave: >> >> > >> Is it possible to derive these p12 files from KEYS? I think it is likely, >>> if so we have a path to signing of these artifacts by project release >>> managers >>> >> >> I will investigate this approach. I have limited knowledge about this, >> but I believe that OpenSSL might help us here. Will let you know soon. >> >> > > Dave, > > I tried this using gnupg and openssl without any luck. Unless someone > knows how to do it, I have hit a dead end. > > Erik and I have come up with this proposal to move forward. Please let us > know your thoughts/suggestions. > > For the binary releases: > * Erik de Bruin and I are the release managers for this tool > * We will create a new .p12 with a secure password. We will NOT not check > the .p12 file in to SVN. > * I will create the Windows release on my machine using the .p12 file to > sign the AIR app > * I will securely email the .p12 file and the password (in separate > emails) to Erik de Bruin > * Erik creates the Mac release using the same .p12 file > * Erik and I sign the respective releases using our PGP keys in the Apache > Way. > > For the source release: > * I will create a compressed file with the source code and sign it with > my PGP key > > Are we missing something? > > Thanks, > Om >
