This page is a work in progress. Please help by editing it.
Create a pgp key ring with gnupg
How to generate a gnupg key and a fingerprint?
URL: http://www.gnupg.de/gph/en/manual.html
Install gnupg2
brew install gnupg2
Create a keypair
It should be a RSA key with at minimum 4096 bits, avoiding SHA-1. See https://www.apache.org/dev/openpgp.html#sha1 for instructions on the latter.
gpg2 --gen-key
The result is something like this:
pub 4096R/1ED29548 2013-11-06 Key fingerprint = AB44 8542 1E12 1333 4FEC 9452 B65D 6BE3 9ED3 9588 uid Your Name (CouchDB) <your.name@apache.org> sub 4096R/A62334BF 2013-11-06
Create a revocation certificate
gpg2 --output revoke.asc --gen-revoke your.name@apache.org
Show existing keys
gpg2 --list-keys
Export key
gpg2 --armor --export your.name@apache.org
The output is something like this:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG/MacGPG2 v2.0.19 (Darwin) Comment: GPGTools - http://gpgtools.org mQINBFJ6txIBEADHomX4Q+T/GToy3g/goh0EjbfA+bYnJJce1PLKU3zvXXtQeTfA [veeery long letter salad] -----END PGP PUBLIC KEY BLOCK-----
Upload your public key to the MIT pgp-key-server
There are many public key servers available. The one preferred by the ASF is: http://pgp.mit.edu
Simply paste your public key there and submit the form. When done so, search for your name and find your key.
Your key will be added
Your key will be added, when you inserted the key fingerprint at https://id.apache.org/. You will then find your key here: https://people.apache.org/keys/committer/