-- Owen
Begin forwarded message:
From: Daniel Shahaf <[email protected]>
Date: May 5, 2011 8:51:12 AM PDT
To: [email protected]
Subject: Centralized KEYS files on https://people.apache.org/
Reply-To: [email protected], [email protected]
The following is now implemented:
If you login to https://id.apache.org and enter PGP key fingerprint(s),
then the corresponding keys will within a few hours be made available
under
https://people.apache.org/keys/ ,
at URLs such as the following:
https://people.apache.org/keys/committer/danielsh.asc (my key)
https://people.apache.org/keys/group/httpd.asc (all httpd committers' keys).
This arrangement is independent of the PGP fingerprints in
^/committers/info/, it does not pull fingerprints listed there.
We recommend projects transition from KEYS files to /keys/group/$pmc.asc
files managed via https://id.apache.org/.
We have pre-filled this with the keys listed on the public
http://people.apache.org pages (which are built from the information
in ^/committers/info/ in the private repository). Some keys were not
added, you can add those manually. You can edit or remove the listed
keys via https://id.apache.org/.
Documentation will follow on www.apache.org/dev/ later; it's basically
"enter the fingerprint or keyid in a format that 'gpg --recv-key' is
happy with".
Questions, patches, bugs, flames: to infrastructure@ (about id.a.o) or
site-dev@ (about the scripts generating the keys/ directory).
Thanks to pctony; bugs by me.
Daniel
Date: May 5, 2011 8:51:12 AM PDT
To: [email protected]
Subject: Centralized KEYS files on https://people.apache.org/
Reply-To: [email protected], [email protected]
The following is now implemented:
If you login to https://id.apache.org and enter PGP key fingerprint(s),
then the corresponding keys will within a few hours be made available
under
https://people.apache.org/keys/ ,
at URLs such as the following:
https://people.apache.org/keys/committer/danielsh.asc (my key)
https://people.apache.org/keys/group/httpd.asc (all httpd committers' keys).
This arrangement is independent of the PGP fingerprints in
^/committers/info/, it does not pull fingerprints listed there.
We recommend projects transition from KEYS files to /keys/group/$pmc.asc
files managed via https://id.apache.org/.
We have pre-filled this with the keys listed on the public
http://people.apache.org pages (which are built from the information
in ^/committers/info/ in the private repository). Some keys were not
added, you can add those manually. You can edit or remove the listed
keys via https://id.apache.org/.
Documentation will follow on www.apache.org/dev/ later; it's basically
"enter the fingerprint or keyid in a format that 'gpg --recv-key' is
happy with".
Questions, patches, bugs, flames: to infrastructure@ (about id.a.o) or
site-dev@ (about the scripts generating the keys/ directory).
Thanks to pctony; bugs by me.
Daniel
