> It seems to me to be a bad idea to distribute keys with releases. +1
> And don't > we already have some ASF-wide policy for managing keys? I don't know if there is a policy, but I recently found this: http://people.apache.org/foaf/index.html "PGP keys may additionally be added to your profile on https://id.apache.org/. This will cause them to be added to https://people.apache.org/keys/, and make them available to other infrastructure tools in the future." Then it would be available here: https://people.apache.org/keys/group/ Why shouldn't all podlings use this a central keys file? Cheers Christian --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
