> On Wed, Sep 18, 2013 at 8:25 PM, Dave Brondsema <d...@brondsema.net> wrote: > >> Do you have a KEYS file posted somewhere besides within the release?
Thanks for a good spot and thoughtful observation, Dave. This is worth discussing. MHO: supplying a KEYS file within the source archive is worthless at best. On Wed, Sep 18, 2013 at 9:50 PM, Ted Dunning <ted.dunn...@gmail.com> wrote: > It is in version control as per custom. Drill uses git so it might not be > quite as obvious if you are used to SVN. > > See, for instance, > > https://git-wip-us.apache.org/repos/asf?p=incubator-drill.git;a=blob;f=KEYS;h=205469b84b8bda60fcb87486182d4fb7caf0485d;hb=HEAD There may be precedent but it seems to me that including a KEYS file within a source archive shouldn't be considered a best practice. (For the record, so long as the KEYS file is available from somewhere else safe, I don't think the issue blocks Drill's release candidate.) Now that changes to our distribution area are captured via version control (dist.apache.org), is there any reason to maintain KEYS in the master branch any more? There was talk a while back of transitioning to an LDAP-centric key scheme, but there are flaws with that approach: former RMs who leave the community suddenly causing the key needed for an old release to become unavailable, etc. Marvin Humphrey --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
