On Tue, Jun 5, 2018 at 6:44 PM, Christoph M. Becker <cmbecke...@gmx.de> wrote: > I've pushed the fingerprint of my GPG key to web-php[1], and also made > it available on pgp.mit.edu[2]. As I understand it, this should be > sufficient to sign it. Otherwise, please tell me what to do. > Looks good:
$ gpg --recv-keys 'CBAF 69F1 73A0 FEA4 B537 F470 D66C 9593 118B CCB6' gpg: key D66C9593118BCCB6: public key "Christoph M. Becker <c...@php.net>" imported gpg: Total number processed: 1 gpg: imported: 1 However, a certain other 7.3 RM (not naming names), should probably add his key to the 7.3 section of php.net/gpg-keys IME, the people who are most hawkishly checking our signatures care about who's expected to sign a given release. (This is why I'm also listed under 7.1 RMs) I can commit a copy from elsewhere in the file, but it should probably be done by the person who's key it is. :D > As far as I know, I'm not yet subscribed to the “release managers list”, > and I have no experience with IRC. If necessary, I can catch up on > this, but it'll take some time. > Make sure systems@ is poked about that. You really do need to be on the distribution list. -Sara -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
