You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@maven.apache.org by David Jencks <da...@yahoo.com> on 2009/11/28 23:53:48 UTC
Does maven provide any support for re-signing artifacts with longer keys?
Apache has recently requested that all apache releases be signed with
4096 bit keys and SHA512, see http://www.apache.org/dev/openpgp.html
I've released some artifacts using maven signed with an older 1024 bit
key and most likely SHA1.
Is there any maven support for re-signing these older artifacts with a
new longer key? If not, does anyone have any advice for a non-maven
way to do it?
thanks
david jencks