You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@poi.apache.org by on...@apache.org on 2016/11/09 08:57:26 UTC
svn commit: r1768877 - /poi/trunk/KEYS
Author: onealj
Date: Wed Nov 9 08:57:26 2016
New Revision: 1768877
URL: http://svn.apache.org/viewvc?rev=1768877&view=rev
Log:
KEYS file should only have public keys used to sign previous releases
Modified:
poi/trunk/KEYS
Modified: poi/trunk/KEYS
URL: http://svn.apache.org/viewvc/poi/trunk/KEYS?rev=1768877&r1=1768876&r2=1768877&view=diff
==============================================================================
--- poi/trunk/KEYS (original)
+++ poi/trunk/KEYS Wed Nov 9 08:57:26 2016
@@ -9,6 +9,14 @@ Developers:
(gpg --list-key <your email>
&& gpg --armor --export <your email>) >> this file.
+Since the KEYS may be needed to check signatures for archived
+releases, it is important that all keys that have ever been used
+to sign releases are retained in the file. Entries should only
+be added, not removed.
+To keep the KEYS file manageable, it's recommended to only add
+the keys of committers who have signed releases.
+https://www.apache.org/dev/release-signing#keys-policy
+https://people.apache.org/keys/
pub 1024D/12DAE9BE 2004-01-25 Glen Stampoultzis <gl...@apache.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@poi.apache.org
For additional commands, e-mail: commits-help@poi.apache.org