Here's a good blog post on how to add an additional identity/email to the existing gpg key, if Keith wished to add his apache email address. It's not much effort, and it wouldn't change the signatures at all. It would just link the existing signature to the apache identity. https://www.katescomment.com/how-to-add-additional-email-addresses-to-your-gpg-identity/
Thanks for pointing out the date in the main NOTICE file. That was brought up on the PPMC vote also, with the intent to fix next time. We've double-checked that it's the only one. I checked that the NOTICE files in the jars are good (2016-2017). On Sat, Jun 10, 2017 at 6:25 PM Justin Mclean <jus...@classsoftware.com> wrote: > Hi, > > +1 binding > > I checked: > - artefacts contain incubating > - signatures and hashes good > - no unexpected binary files in source release > - LICENSE is good (no 3rd party bundled software) > - NOTICE is also fine but please fix the year for the next release > - can compile from source > > Next it would be better to sign the artefacts with an apache email address. > > Thanks, > Justin > > --------------------------------------------------------------------- > To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org > For additional commands, e-mail: general-h...@incubator.apache.org > >
