Release Apache Flex Installer 3.4

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

Release Apache Flex Installer 3.4

piotrz
Hi Guys,

Since I was able to fix issue with OSMF I would like to prepare release
candidate. Should I go through the LAST CALL ? Can I omit it and just
prepare RC1 ?

I should also sign sources by SH1 yes ?

Thanks,
--

Piotr Zarzycki

Patreon: *https://www.patreon.com/piotrzarzycki
<https://www.patreon.com/piotrzarzycki>*
Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

Alex Harui-2
I would skip last call and cut the RC.  But yes, use SHA512 with a .sha512
suffix.

My 2 cents,
-Alex

On 4/12/18, 12:48 AM, "Piotr Zarzycki" <[hidden email]> wrote:

>Hi Guys,
>
>Since I was able to fix issue with OSMF I would like to prepare release
>candidate. Should I go through the LAST CALL ? Can I omit it and just
>prepare RC1 ?
>
>I should also sign sources by SH1 yes ?
>
>Thanks,
>--
>
>Piotr Zarzycki
>
>Patreon:
>*https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.patr
>eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7C9f32952e7b6d49
>3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365911614
>63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOjc0%2FkX6RW2doJo%3D&reserved=0
><https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.patr
>eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7C9f32952e7b6d49
>3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365911614
>63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOjc0%2FkX6RW2doJo%3D&reserved=0
>>*

Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

piotrz
Hi Alex,

IMO something rings into my head that we have had some problems with sign
certificates last time. Do you recall something ?

Thanks,
Piotr

2018-04-12 10:25 GMT+02:00 Alex Harui <[hidden email]>:

> I would skip last call and cut the RC.  But yes, use SHA512 with a .sha512
> suffix.
>
> My 2 cents,
> -Alex
>
> On 4/12/18, 12:48 AM, "Piotr Zarzycki" <[hidden email]> wrote:
>
> >Hi Guys,
> >
> >Since I was able to fix issue with OSMF I would like to prepare release
> >candidate. Should I go through the LAST CALL ? Can I omit it and just
> >prepare RC1 ?
> >
> >I should also sign sources by SH1 yes ?
> >
> >Thanks,
> >--
> >
> >Piotr Zarzycki
> >
> >Patreon:
> >*https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.patr
> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> 7C9f32952e7b6d49
> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365911614
> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
> c0%2FkX6RW2doJo%3D&reserved=0
> ><https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.patr
> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> 7C9f32952e7b6d49
> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365911614
> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
> c0%2FkX6RW2doJo%3D&reserved=0
> >>*
>
>


--

Piotr Zarzycki

Patreon: *https://www.patreon.com/piotrzarzycki
<https://www.patreon.com/piotrzarzycki>*
Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

Alex Harui-2
Hi Piotr,

I think I didn't use the right certificate for 3.2 so folks moving to 3.3
had a problem.  As long as you use the right certificates for 3.4 there
shouldn't be a problem.

It occurs to me that we might want to call this release 3.3.1 instead of
3.4 since it is a single bug fix release, but up to you.  Is the only
change the one fix you made?

Thanks,
-Alex

On 4/12/18, 1:27 AM, "Piotr Zarzycki" <[hidden email]> wrote:

>Hi Alex,
>
>IMO something rings into my head that we have had some problems with sign
>certificates last time. Do you recall something ?
>
>Thanks,
>Piotr
>
>2018-04-12 10:25 GMT+02:00 Alex Harui <[hidden email]>:
>
>> I would skip last call and cut the RC.  But yes, use SHA512 with a
>>.sha512
>> suffix.
>>
>> My 2 cents,
>> -Alex
>>
>> On 4/12/18, 12:48 AM, "Piotr Zarzycki" <[hidden email]>
>>wrote:
>>
>> >Hi Guys,
>> >
>> >Since I was able to fix issue with OSMF I would like to prepare release
>> >candidate. Should I go through the LAST CALL ? Can I omit it and just
>> >prepare RC1 ?
>> >
>> >I should also sign sources by SH1 yes ?
>> >
>> >Thanks,
>> >--
>> >
>> >Piotr Zarzycki
>> >
>> >Patreon:
>> >*https://na01.safelinks.protection.outlook.com/?url=
>> https%3A%2F%2Fwww.patr
>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>> 7C9f32952e7b6d49
>> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
>> cee1%7C0%7C0%7C6365911614
>> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
>> c0%2FkX6RW2doJo%3D&reserved=0
>> ><https://na01.safelinks.protection.outlook.com/?url=
>> https%3A%2F%2Fwww.patr
>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>> 7C9f32952e7b6d49
>> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
>> cee1%7C0%7C0%7C6365911614
>> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
>> c0%2FkX6RW2doJo%3D&reserved=0
>> >>*
>>
>>
>
>
>--
>
>Piotr Zarzycki
>
>Patreon:
>*https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.patr
>eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7Cc66b636ca44d41
>a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365911850
>76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQOJA%3D&reserved
>=0
><https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.patr
>eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7Cc66b636ca44d41
>a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365911850
>76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQOJA%3D&reserved
>=0>*

Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

piotrz
Hi Alex,

I think it is a good idea to have 3.3.1 instead 3.4.

Thanks,
Piotr

2018-04-12 17:16 GMT+02:00 Alex Harui <[hidden email]>:

> Hi Piotr,
>
> I think I didn't use the right certificate for 3.2 so folks moving to 3.3
> had a problem.  As long as you use the right certificates for 3.4 there
> shouldn't be a problem.
>
> It occurs to me that we might want to call this release 3.3.1 instead of
> 3.4 since it is a single bug fix release, but up to you.  Is the only
> change the one fix you made?
>
> Thanks,
> -Alex
>
> On 4/12/18, 1:27 AM, "Piotr Zarzycki" <[hidden email]> wrote:
>
> >Hi Alex,
> >
> >IMO something rings into my head that we have had some problems with sign
> >certificates last time. Do you recall something ?
> >
> >Thanks,
> >Piotr
> >
> >2018-04-12 10:25 GMT+02:00 Alex Harui <[hidden email]>:
> >
> >> I would skip last call and cut the RC.  But yes, use SHA512 with a
> >>.sha512
> >> suffix.
> >>
> >> My 2 cents,
> >> -Alex
> >>
> >> On 4/12/18, 12:48 AM, "Piotr Zarzycki" <[hidden email]>
> >>wrote:
> >>
> >> >Hi Guys,
> >> >
> >> >Since I was able to fix issue with OSMF I would like to prepare release
> >> >candidate. Should I go through the LAST CALL ? Can I omit it and just
> >> >prepare RC1 ?
> >> >
> >> >I should also sign sources by SH1 yes ?
> >> >
> >> >Thanks,
> >> >--
> >> >
> >> >Piotr Zarzycki
> >> >
> >> >Patreon:
> >> >*https://na01.safelinks.protection.outlook.com/?url=
> >> https%3A%2F%2Fwww.patr
> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> >> 7C9f32952e7b6d49
> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
> >> cee1%7C0%7C0%7C6365911614
> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
> >> c0%2FkX6RW2doJo%3D&reserved=0
> >> ><https://na01.safelinks.protection.outlook.com/?url=
> >> https%3A%2F%2Fwww.patr
> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> >> 7C9f32952e7b6d49
> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
> >> cee1%7C0%7C0%7C6365911614
> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
> >> c0%2FkX6RW2doJo%3D&reserved=0
> >> >>*
> >>
> >>
> >
> >
> >--
> >
> >Piotr Zarzycki
> >
> >Patreon:
> >*https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.patr
> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> 7Cc66b636ca44d41
> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365911850
> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%
> 2BNyQjwRFm6SQOJA%3D&reserved
> >=0
> ><https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.patr
> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> 7Cc66b636ca44d41
> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365911850
> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%
> 2BNyQjwRFm6SQOJA%3D&reserved
> >=0>*
>
>


--

Piotr Zarzycki

Patreon: *https://www.patreon.com/piotrzarzycki
<https://www.patreon.com/piotrzarzycki>*
Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

piotrz
Unfortunately I did not remeber may passphrase for signing files. I have
private key, revoking keys, but don't know how to actually use it to
recover it. I did search some way, but cannot find straight instruction.

Can someone sign for me that release or pass some help on that ?

Thanks,
Piotr

2018-04-12 17:52 GMT+02:00 Piotr Zarzycki <[hidden email]>:

> Hi Alex,
>
> I think it is a good idea to have 3.3.1 instead 3.4.
>
> Thanks,
> Piotr
>
> 2018-04-12 17:16 GMT+02:00 Alex Harui <[hidden email]>:
>
>> Hi Piotr,
>>
>> I think I didn't use the right certificate for 3.2 so folks moving to 3.3
>> had a problem.  As long as you use the right certificates for 3.4 there
>> shouldn't be a problem.
>>
>> It occurs to me that we might want to call this release 3.3.1 instead of
>> 3.4 since it is a single bug fix release, but up to you.  Is the only
>> change the one fix you made?
>>
>> Thanks,
>> -Alex
>>
>> On 4/12/18, 1:27 AM, "Piotr Zarzycki" <[hidden email]> wrote:
>>
>> >Hi Alex,
>> >
>> >IMO something rings into my head that we have had some problems with sign
>> >certificates last time. Do you recall something ?
>> >
>> >Thanks,
>> >Piotr
>> >
>> >2018-04-12 10:25 GMT+02:00 Alex Harui <[hidden email]>:
>> >
>> >> I would skip last call and cut the RC.  But yes, use SHA512 with a
>> >>.sha512
>> >> suffix.
>> >>
>> >> My 2 cents,
>> >> -Alex
>> >>
>> >> On 4/12/18, 12:48 AM, "Piotr Zarzycki" <[hidden email]>
>> >>wrote:
>> >>
>> >> >Hi Guys,
>> >> >
>> >> >Since I was able to fix issue with OSMF I would like to prepare
>> release
>> >> >candidate. Should I go through the LAST CALL ? Can I omit it and just
>> >> >prepare RC1 ?
>> >> >
>> >> >I should also sign sources by SH1 yes ?
>> >> >
>> >> >Thanks,
>> >> >--
>> >> >
>> >> >Piotr Zarzycki
>> >> >
>> >> >Patreon:
>> >> >*https://na01.safelinks.protection.outlook.com/?url=
>> >> https%3A%2F%2Fwww.patr
>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>> >> 7C9f32952e7b6d49
>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
>> >> cee1%7C0%7C0%7C6365911614
>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
>> >> c0%2FkX6RW2doJo%3D&reserved=0
>> >> ><https://na01.safelinks.protection.outlook.com/?url=
>> >> https%3A%2F%2Fwww.patr
>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>> >> 7C9f32952e7b6d49
>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
>> >> cee1%7C0%7C0%7C6365911614
>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
>> >> c0%2FkX6RW2doJo%3D&reserved=0
>> >> >>*
>> >>
>> >>
>> >
>> >
>> >--
>> >
>> >Piotr Zarzycki
>> >
>> >Patreon:
>> >*<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
>> 3A%2F%2Fwww.patr
>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
>> Cc66b636ca44d41
>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
>> 7C0%7C6365911850
>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
>> OJA%3D&reserved
>> >=0
>> ><<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
>> 3A%2F%2Fwww.patr
>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
>> Cc66b636ca44d41
>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
>> 7C0%7C6365911850
>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
>> OJA%3D&reserved
>> >=0>*
>>
>>
>
>
> --
>
> Piotr Zarzycki
>
> Patreon: *https://www.patreon.com/piotrzarzycki
> <https://www.patreon.com/piotrzarzycki>*
>



--

Piotr Zarzycki

Patreon: *https://www.patreon.com/piotrzarzycki
<https://www.patreon.com/piotrzarzycki>*
Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

Alex Harui-2
Hi Piotr,

I don't see any way to recover your passphrase.  The advice I see is to
keep trying to remember what it was.

Otherwise, the advice says to create a new key and revoke the old one.  I
could sign this release, but you might as well take the time to either
remember the passphrase or create a new key.

HTH,
-Alex

On 4/15/18, 1:34 AM, "Piotr Zarzycki" <[hidden email]> wrote:

>Unfortunately I did not remeber may passphrase for signing files. I have
>private key, revoking keys, but don't know how to actually use it to
>recover it. I did search some way, but cannot find straight instruction.
>
>Can someone sign for me that release or pass some help on that ?
>
>Thanks,
>Piotr
>
>2018-04-12 17:52 GMT+02:00 Piotr Zarzycki <[hidden email]>:
>
>> Hi Alex,
>>
>> I think it is a good idea to have 3.3.1 instead 3.4.
>>
>> Thanks,
>> Piotr
>>
>> 2018-04-12 17:16 GMT+02:00 Alex Harui <[hidden email]>:
>>
>>> Hi Piotr,
>>>
>>> I think I didn't use the right certificate for 3.2 so folks moving to
>>>3.3
>>> had a problem.  As long as you use the right certificates for 3.4 there
>>> shouldn't be a problem.
>>>
>>> It occurs to me that we might want to call this release 3.3.1 instead
>>>of
>>> 3.4 since it is a single bug fix release, but up to you.  Is the only
>>> change the one fix you made?
>>>
>>> Thanks,
>>> -Alex
>>>
>>> On 4/12/18, 1:27 AM, "Piotr Zarzycki" <[hidden email]>
>>>wrote:
>>>
>>> >Hi Alex,
>>> >
>>> >IMO something rings into my head that we have had some problems with
>>>sign
>>> >certificates last time. Do you recall something ?
>>> >
>>> >Thanks,
>>> >Piotr
>>> >
>>> >2018-04-12 10:25 GMT+02:00 Alex Harui <[hidden email]>:
>>> >
>>> >> I would skip last call and cut the RC.  But yes, use SHA512 with a
>>> >>.sha512
>>> >> suffix.
>>> >>
>>> >> My 2 cents,
>>> >> -Alex
>>> >>
>>> >> On 4/12/18, 12:48 AM, "Piotr Zarzycki" <[hidden email]>
>>> >>wrote:
>>> >>
>>> >> >Hi Guys,
>>> >> >
>>> >> >Since I was able to fix issue with OSMF I would like to prepare
>>> release
>>> >> >candidate. Should I go through the LAST CALL ? Can I omit it and
>>>just
>>> >> >prepare RC1 ?
>>> >> >
>>> >> >I should also sign sources by SH1 yes ?
>>> >> >
>>> >> >Thanks,
>>> >> >--
>>> >> >
>>> >> >Piotr Zarzycki
>>> >> >
>>> >> >Patreon:
>>> >> >*https://na01.safelinks.protection.outlook.com/?url=
>>> >> https%3A%2F%2Fwww.patr
>>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>>> >> 7C9f32952e7b6d49
>>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
>>> >> cee1%7C0%7C0%7C6365911614
>>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
>>> >> c0%2FkX6RW2doJo%3D&reserved=0
>>> >> ><https://na01.safelinks.protection.outlook.com/?url=
>>> >> https%3A%2F%2Fwww.patr
>>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>>> >> 7C9f32952e7b6d49
>>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
>>> >> cee1%7C0%7C0%7C6365911614
>>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
>>> >> c0%2FkX6RW2doJo%3D&reserved=0
>>> >> >>*
>>> >>
>>> >>
>>> >
>>> >
>>> >--
>>> >
>>> >Piotr Zarzycki
>>> >
>>> >Patreon:
>>> >*<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
>>> 3A%2F%2Fwww.patr
>>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
>>> Cc66b636ca44d41
>>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
>>> 7C0%7C6365911850
>>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
>>> OJA%3D&reserved
>>> >=0
>>> ><<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
>>> 3A%2F%2Fwww.patr
>>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
>>> Cc66b636ca44d41
>>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
>>> 7C0%7C6365911850
>>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
>>> OJA%3D&reserved
>>> >=0>*
>>>
>>>
>>
>>
>> --
>>
>> Piotr Zarzycki
>>
>> Patreon:
>>*https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.pat
>>reon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7Cd7af70c9f1f1
>>44ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365937
>>80794811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBhatrV%2B5o1zHTBw%3D&reserv
>>ed=0
>>
>><https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.pat
>>reon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7Cd7af70c9f1f1
>>44ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365937
>>80794811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBhatrV%2B5o1zHTBw%3D&reserv
>>ed=0>*
>>
>
>
>
>--
>
>Piotr Zarzycki
>
>Patreon:
>*https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.patr
>eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7Cd7af70c9f1f144
>ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365937807
>94811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBhatrV%2B5o1zHTBw%3D&reserved=0
><https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.patr
>eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7Cd7af70c9f1f144
>ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365937807
>94811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBhatrV%2B5o1zHTBw%3D&reserved=0
>>*

Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

piotrz
Hi Alex,

I decided revoke my old key and created new one. I signed releases once,
but now I cannot find myself with that. In the Apache resources there
suggestion how to configure gpg in order to have SHA-512 [1]. I did it but
I'm not sure if I do this archives will be signed appropriately.

gpg --armor --output myfile.zip.asc --detach-sig myfile.zip

And later separately I should generate somehow SHA-512 hash ?

[1] https://www.apache.org/dev/openpgp.html#sha-defaults

Thanks,
Piotr

2018-04-16 3:12 GMT+02:00 Alex Harui <[hidden email]>:

> Hi Piotr,
>
> I don't see any way to recover your passphrase.  The advice I see is to
> keep trying to remember what it was.
>
> Otherwise, the advice says to create a new key and revoke the old one.  I
> could sign this release, but you might as well take the time to either
> remember the passphrase or create a new key.
>
> HTH,
> -Alex
>
> On 4/15/18, 1:34 AM, "Piotr Zarzycki" <[hidden email]> wrote:
>
> >Unfortunately I did not remeber may passphrase for signing files. I have
> >private key, revoking keys, but don't know how to actually use it to
> >recover it. I did search some way, but cannot find straight instruction.
> >
> >Can someone sign for me that release or pass some help on that ?
> >
> >Thanks,
> >Piotr
> >
> >2018-04-12 17:52 GMT+02:00 Piotr Zarzycki <[hidden email]>:
> >
> >> Hi Alex,
> >>
> >> I think it is a good idea to have 3.3.1 instead 3.4.
> >>
> >> Thanks,
> >> Piotr
> >>
> >> 2018-04-12 17:16 GMT+02:00 Alex Harui <[hidden email]>:
> >>
> >>> Hi Piotr,
> >>>
> >>> I think I didn't use the right certificate for 3.2 so folks moving to
> >>>3.3
> >>> had a problem.  As long as you use the right certificates for 3.4 there
> >>> shouldn't be a problem.
> >>>
> >>> It occurs to me that we might want to call this release 3.3.1 instead
> >>>of
> >>> 3.4 since it is a single bug fix release, but up to you.  Is the only
> >>> change the one fix you made?
> >>>
> >>> Thanks,
> >>> -Alex
> >>>
> >>> On 4/12/18, 1:27 AM, "Piotr Zarzycki" <[hidden email]>
> >>>wrote:
> >>>
> >>> >Hi Alex,
> >>> >
> >>> >IMO something rings into my head that we have had some problems with
> >>>sign
> >>> >certificates last time. Do you recall something ?
> >>> >
> >>> >Thanks,
> >>> >Piotr
> >>> >
> >>> >2018-04-12 10:25 GMT+02:00 Alex Harui <[hidden email]>:
> >>> >
> >>> >> I would skip last call and cut the RC.  But yes, use SHA512 with a
> >>> >>.sha512
> >>> >> suffix.
> >>> >>
> >>> >> My 2 cents,
> >>> >> -Alex
> >>> >>
> >>> >> On 4/12/18, 12:48 AM, "Piotr Zarzycki" <[hidden email]>
> >>> >>wrote:
> >>> >>
> >>> >> >Hi Guys,
> >>> >> >
> >>> >> >Since I was able to fix issue with OSMF I would like to prepare
> >>> release
> >>> >> >candidate. Should I go through the LAST CALL ? Can I omit it and
> >>>just
> >>> >> >prepare RC1 ?
> >>> >> >
> >>> >> >I should also sign sources by SH1 yes ?
> >>> >> >
> >>> >> >Thanks,
> >>> >> >--
> >>> >> >
> >>> >> >Piotr Zarzycki
> >>> >> >
> >>> >> >Patreon:
> >>> >> >*https://na01.safelinks.protection.outlook.com/?url=
> >>> >> https%3A%2F%2Fwww.patr
> >>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> >>> >> 7C9f32952e7b6d49
> >>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
> >>> >> cee1%7C0%7C0%7C6365911614
> >>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
> >>> >> c0%2FkX6RW2doJo%3D&reserved=0
> >>> >> ><https://na01.safelinks.protection.outlook.com/?url=
> >>> >> https%3A%2F%2Fwww.patr
> >>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> >>> >> 7C9f32952e7b6d49
> >>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
> >>> >> cee1%7C0%7C0%7C6365911614
> >>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
> >>> >> c0%2FkX6RW2doJo%3D&reserved=0
> >>> >> >>*
> >>> >>
> >>> >>
> >>> >
> >>> >
> >>> >--
> >>> >
> >>> >Piotr Zarzycki
> >>> >
> >>> >Patreon:
> >>> >*<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
> >>> 3A%2F%2Fwww.patr
> >>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
> >>> Cc66b636ca44d41
> >>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
> >>> 7C0%7C6365911850
> >>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
> >>> OJA%3D&reserved
> >>> >=0
> >>> ><<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
> >>> 3A%2F%2Fwww.patr
> >>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
> >>> Cc66b636ca44d41
> >>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
> >>> 7C0%7C6365911850
> >>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
> >>> OJA%3D&reserved
> >>> >=0>*
> >>>
> >>>
> >>
> >>
> >> --
> >>
> >> Piotr Zarzycki
> >>
> >> Patreon:
> >>*https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.pat
> >>reon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com
> %7Cd7af70c9f1f1
> >>44ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365937
> >>80794811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
> atrV%2B5o1zHTBw%3D&reserv
> >>ed=0
> >>
> >><https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.pat
> >>reon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com
> %7Cd7af70c9f1f1
> >>44ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365937
> >>80794811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
> atrV%2B5o1zHTBw%3D&reserv
> >>ed=0>*
> >>
> >
> >
> >
> >--
> >
> >Piotr Zarzycki
> >
> >Patreon:
> >*https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.patr
> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> 7Cd7af70c9f1f144
> >ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365937807
> >94811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
> atrV%2B5o1zHTBw%3D&reserved=0
> ><https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.patr
> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> 7Cd7af70c9f1f144
> >ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365937807
> >94811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
> atrV%2B5o1zHTBw%3D&reserved=0
> >>*
>
>


--

Piotr Zarzycki

Patreon: *https://www.patreon.com/piotrzarzycki
<https://www.patreon.com/piotrzarzycki>*
Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

Alex Harui-2
Hi Piotr,

In flex-utilities/flex-installer/build.xml, the "release" Ant target
should take you through signing.  GPG is not used to generate the sha512
checksums, the Ant checksum task is instead and you will have to modify
those tasks in build.xml not only with the new algorithm but also the
correct suffix since the default is not right for Apache.

HTH,
-Alex

On 4/16/18, 10:30 AM, "Piotr Zarzycki" <[hidden email]> wrote:

>Hi Alex,
>
>I decided revoke my old key and created new one. I signed releases once,
>but now I cannot find myself with that. In the Apache resources there
>suggestion how to configure gpg in order to have SHA-512 [1]. I did it but
>I'm not sure if I do this archives will be signed appropriately.
>
>gpg --armor --output myfile.zip.asc --detach-sig myfile.zip
>
>And later separately I should generate somehow SHA-512 hash ?
>
>[1]
>https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.apach
>e.org%2Fdev%2Fopenpgp.html%23sha-defaults&data=02%7C01%7Caharui%40adobe.co
>m%7Cf74cd21ba9c746fa055c08d5a3bfbb2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C
>0%7C0%7C636594966241934576&sdata=PG2KpG5LB4m72Z4B7hYJ01K2cPYFo4klpDs0U44lc
>eI%3D&reserved=0
>
>Thanks,
>Piotr
>
>2018-04-16 3:12 GMT+02:00 Alex Harui <[hidden email]>:
>
>> Hi Piotr,
>>
>> I don't see any way to recover your passphrase.  The advice I see is to
>> keep trying to remember what it was.
>>
>> Otherwise, the advice says to create a new key and revoke the old one.
>>I
>> could sign this release, but you might as well take the time to either
>> remember the passphrase or create a new key.
>>
>> HTH,
>> -Alex
>>
>> On 4/15/18, 1:34 AM, "Piotr Zarzycki" <[hidden email]> wrote:
>>
>> >Unfortunately I did not remeber may passphrase for signing files. I
>>have
>> >private key, revoking keys, but don't know how to actually use it to
>> >recover it. I did search some way, but cannot find straight
>>instruction.
>> >
>> >Can someone sign for me that release or pass some help on that ?
>> >
>> >Thanks,
>> >Piotr
>> >
>> >2018-04-12 17:52 GMT+02:00 Piotr Zarzycki <[hidden email]>:
>> >
>> >> Hi Alex,
>> >>
>> >> I think it is a good idea to have 3.3.1 instead 3.4.
>> >>
>> >> Thanks,
>> >> Piotr
>> >>
>> >> 2018-04-12 17:16 GMT+02:00 Alex Harui <[hidden email]>:
>> >>
>> >>> Hi Piotr,
>> >>>
>> >>> I think I didn't use the right certificate for 3.2 so folks moving
>>to
>> >>>3.3
>> >>> had a problem.  As long as you use the right certificates for 3.4
>>there
>> >>> shouldn't be a problem.
>> >>>
>> >>> It occurs to me that we might want to call this release 3.3.1
>>instead
>> >>>of
>> >>> 3.4 since it is a single bug fix release, but up to you.  Is the
>>only
>> >>> change the one fix you made?
>> >>>
>> >>> Thanks,
>> >>> -Alex
>> >>>
>> >>> On 4/12/18, 1:27 AM, "Piotr Zarzycki" <[hidden email]>
>> >>>wrote:
>> >>>
>> >>> >Hi Alex,
>> >>> >
>> >>> >IMO something rings into my head that we have had some problems
>>with
>> >>>sign
>> >>> >certificates last time. Do you recall something ?
>> >>> >
>> >>> >Thanks,
>> >>> >Piotr
>> >>> >
>> >>> >2018-04-12 10:25 GMT+02:00 Alex Harui <[hidden email]>:
>> >>> >
>> >>> >> I would skip last call and cut the RC.  But yes, use SHA512 with
>>a
>> >>> >>.sha512
>> >>> >> suffix.
>> >>> >>
>> >>> >> My 2 cents,
>> >>> >> -Alex
>> >>> >>
>> >>> >> On 4/12/18, 12:48 AM, "Piotr Zarzycki"
>><[hidden email]>
>> >>> >>wrote:
>> >>> >>
>> >>> >> >Hi Guys,
>> >>> >> >
>> >>> >> >Since I was able to fix issue with OSMF I would like to prepare
>> >>> release
>> >>> >> >candidate. Should I go through the LAST CALL ? Can I omit it and
>> >>>just
>> >>> >> >prepare RC1 ?
>> >>> >> >
>> >>> >> >I should also sign sources by SH1 yes ?
>> >>> >> >
>> >>> >> >Thanks,
>> >>> >> >--
>> >>> >> >
>> >>> >> >Piotr Zarzycki
>> >>> >> >
>> >>> >> >Patreon:
>> >>> >> >*https://na01.safelinks.protection.outlook.com/?url=
>> >>> >> https%3A%2F%2Fwww.patr
>> >>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>> >>> >> 7C9f32952e7b6d49
>> >>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
>> >>> >> cee1%7C0%7C0%7C6365911614
>> >>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
>> >>> >> c0%2FkX6RW2doJo%3D&reserved=0
>> >>> >> ><https://na01.safelinks.protection.outlook.com/?url=
>> >>> >> https%3A%2F%2Fwww.patr
>> >>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>> >>> >> 7C9f32952e7b6d49
>> >>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
>> >>> >> cee1%7C0%7C0%7C6365911614
>> >>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
>> >>> >> c0%2FkX6RW2doJo%3D&reserved=0
>> >>> >> >>*
>> >>> >>
>> >>> >>
>> >>> >
>> >>> >
>> >>> >--
>> >>> >
>> >>> >Piotr Zarzycki
>> >>> >
>> >>> >Patreon:
>> >>> >*<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
>> >>> 3A%2F%2Fwww.patr
>> >>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
>> >>> Cc66b636ca44d41
>> >>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
>> >>> 7C0%7C6365911850
>> >>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
>> >>> OJA%3D&reserved
>> >>> >=0
>> >>> ><<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
>> >>> 3A%2F%2Fwww.patr
>> >>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
>> >>> Cc66b636ca44d41
>> >>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
>> >>> 7C0%7C6365911850
>> >>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
>> >>> OJA%3D&reserved
>> >>> >=0>*
>> >>>
>> >>>
>> >>
>> >>
>> >> --
>> >>
>> >> Piotr Zarzycki
>> >>
>> >> Patreon:
>> >>*https://na01.safelinks.protection.outlook.com/?url=
>> https%3A%2F%2Fwww.pat
>> >>reon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com
>> %7Cd7af70c9f1f1
>> >>44ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
>> cee1%7C0%7C0%7C6365937
>> >>80794811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
>> atrV%2B5o1zHTBw%3D&reserv
>> >>ed=0
>> >>
>> >><https://na01.safelinks.protection.outlook.com/?url=
>> https%3A%2F%2Fwww.pat
>> >>reon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com
>> %7Cd7af70c9f1f1
>> >>44ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
>> cee1%7C0%7C0%7C6365937
>> >>80794811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
>> atrV%2B5o1zHTBw%3D&reserv
>> >>ed=0>*
>> >>
>> >
>> >
>> >
>> >--
>> >
>> >Piotr Zarzycki
>> >
>> >Patreon:
>> >*https://na01.safelinks.protection.outlook.com/?url=
>> https%3A%2F%2Fwww.patr
>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>> 7Cd7af70c9f1f144
>> >ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
>> cee1%7C0%7C0%7C6365937807
>> >94811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
>> atrV%2B5o1zHTBw%3D&reserved=0
>> ><https://na01.safelinks.protection.outlook.com/?url=
>> https%3A%2F%2Fwww.patr
>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
>> 7Cd7af70c9f1f144
>> >ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
>> cee1%7C0%7C0%7C6365937807
>> >94811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
>> atrV%2B5o1zHTBw%3D&reserved=0
>> >>*
>>
>>
>
>
>--
>
>Piotr Zarzycki
>
>Patreon:
>*https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.patr
>eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7Cf74cd21ba9c746
>fa055c08d5a3bfbb2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365949662
>41944580&sdata=PxyD1ClCgs1lRbjR7IHnLCNhM2ARfNvAkqxAISiEi8Q%3D&reserved=0
><https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fwww.patr
>eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7Cf74cd21ba9c746
>fa055c08d5a3bfbb2f%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%7C0%7C6365949662
>41944580&sdata=PxyD1ClCgs1lRbjR7IHnLCNhM2ARfNvAkqxAISiEi8Q%3D&reserved=0>*

Reply | Threaded
Open this post in threaded view
|

Re: Release Apache Flex Installer 3.4

piotrz
Alex,

I just pushed changes to the script and was able to generate on windows
signed artifacts! Now I can somehow build dmg on Mac. I hope that signing I
will be able to do on Windows, cause don't want to go through some
configuration for signing there.

I'm definitely not a Mac user.

Many Thanks for the help. It's moving forward slowly.
Piotr

2018-04-16 19:38 GMT+02:00 Alex Harui <[hidden email]>:

> Hi Piotr,
>
> In flex-utilities/flex-installer/build.xml, the "release" Ant target
> should take you through signing.  GPG is not used to generate the sha512
> checksums, the Ant checksum task is instead and you will have to modify
> those tasks in build.xml not only with the new algorithm but also the
> correct suffix since the default is not right for Apache.
>
> HTH,
> -Alex
>
> On 4/16/18, 10:30 AM, "Piotr Zarzycki" <[hidden email]> wrote:
>
> >Hi Alex,
> >
> >I decided revoke my old key and created new one. I signed releases once,
> >but now I cannot find myself with that. In the Apache resources there
> >suggestion how to configure gpg in order to have SHA-512 [1]. I did it but
> >I'm not sure if I do this archives will be signed appropriately.
> >
> >gpg --armor --output myfile.zip.asc --detach-sig myfile.zip
> >
> >And later separately I should generate somehow SHA-512 hash ?
> >
> >[1]
> >https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.apach
> >e.org%2Fdev%2Fopenpgp.html%23sha-defaults&data=02%7C01%7Caharui%
> 40adobe.co
> >m%7Cf74cd21ba9c746fa055c08d5a3bfbb2f%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C
> >0%7C0%7C636594966241934576&sdata=PG2KpG5LB4m72Z4B7hYJ01K2cPYFo4
> klpDs0U44lc
> >eI%3D&reserved=0
> >
> >Thanks,
> >Piotr
> >
> >2018-04-16 3:12 GMT+02:00 Alex Harui <[hidden email]>:
> >
> >> Hi Piotr,
> >>
> >> I don't see any way to recover your passphrase.  The advice I see is to
> >> keep trying to remember what it was.
> >>
> >> Otherwise, the advice says to create a new key and revoke the old one.
> >>I
> >> could sign this release, but you might as well take the time to either
> >> remember the passphrase or create a new key.
> >>
> >> HTH,
> >> -Alex
> >>
> >> On 4/15/18, 1:34 AM, "Piotr Zarzycki" <[hidden email]>
> wrote:
> >>
> >> >Unfortunately I did not remeber may passphrase for signing files. I
> >>have
> >> >private key, revoking keys, but don't know how to actually use it to
> >> >recover it. I did search some way, but cannot find straight
> >>instruction.
> >> >
> >> >Can someone sign for me that release or pass some help on that ?
> >> >
> >> >Thanks,
> >> >Piotr
> >> >
> >> >2018-04-12 17:52 GMT+02:00 Piotr Zarzycki <[hidden email]>:
> >> >
> >> >> Hi Alex,
> >> >>
> >> >> I think it is a good idea to have 3.3.1 instead 3.4.
> >> >>
> >> >> Thanks,
> >> >> Piotr
> >> >>
> >> >> 2018-04-12 17:16 GMT+02:00 Alex Harui <[hidden email]>:
> >> >>
> >> >>> Hi Piotr,
> >> >>>
> >> >>> I think I didn't use the right certificate for 3.2 so folks moving
> >>to
> >> >>>3.3
> >> >>> had a problem.  As long as you use the right certificates for 3.4
> >>there
> >> >>> shouldn't be a problem.
> >> >>>
> >> >>> It occurs to me that we might want to call this release 3.3.1
> >>instead
> >> >>>of
> >> >>> 3.4 since it is a single bug fix release, but up to you.  Is the
> >>only
> >> >>> change the one fix you made?
> >> >>>
> >> >>> Thanks,
> >> >>> -Alex
> >> >>>
> >> >>> On 4/12/18, 1:27 AM, "Piotr Zarzycki" <[hidden email]>
> >> >>>wrote:
> >> >>>
> >> >>> >Hi Alex,
> >> >>> >
> >> >>> >IMO something rings into my head that we have had some problems
> >>with
> >> >>>sign
> >> >>> >certificates last time. Do you recall something ?
> >> >>> >
> >> >>> >Thanks,
> >> >>> >Piotr
> >> >>> >
> >> >>> >2018-04-12 10:25 GMT+02:00 Alex Harui <[hidden email]>:
> >> >>> >
> >> >>> >> I would skip last call and cut the RC.  But yes, use SHA512 with
> >>a
> >> >>> >>.sha512
> >> >>> >> suffix.
> >> >>> >>
> >> >>> >> My 2 cents,
> >> >>> >> -Alex
> >> >>> >>
> >> >>> >> On 4/12/18, 12:48 AM, "Piotr Zarzycki"
> >><[hidden email]>
> >> >>> >>wrote:
> >> >>> >>
> >> >>> >> >Hi Guys,
> >> >>> >> >
> >> >>> >> >Since I was able to fix issue with OSMF I would like to prepare
> >> >>> release
> >> >>> >> >candidate. Should I go through the LAST CALL ? Can I omit it and
> >> >>>just
> >> >>> >> >prepare RC1 ?
> >> >>> >> >
> >> >>> >> >I should also sign sources by SH1 yes ?
> >> >>> >> >
> >> >>> >> >Thanks,
> >> >>> >> >--
> >> >>> >> >
> >> >>> >> >Piotr Zarzycki
> >> >>> >> >
> >> >>> >> >Patreon:
> >> >>> >> >*https://na01.safelinks.protection.outlook.com/?url=
> >> >>> >> https%3A%2F%2Fwww.patr
> >> >>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> >> >>> >> 7C9f32952e7b6d49
> >> >>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
> >> >>> >> cee1%7C0%7C0%7C6365911614
> >> >>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
> >> >>> >> c0%2FkX6RW2doJo%3D&reserved=0
> >> >>> >> ><https://na01.safelinks.protection.outlook.com/?url=
> >> >>> >> https%3A%2F%2Fwww.patr
> >> >>> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> >> >>> >> 7C9f32952e7b6d49
> >> >>> >> >3c7e1708d5a049d920%7Cfa7b1b5a7b34438794aed2c178de
> >> >>> >> cee1%7C0%7C0%7C6365911614
> >> >>> >> >63234704&sdata=oyZAeVftnVBPZmKVyASyh4quCnDfOj
> >> >>> >> c0%2FkX6RW2doJo%3D&reserved=0
> >> >>> >> >>*
> >> >>> >>
> >> >>> >>
> >> >>> >
> >> >>> >
> >> >>> >--
> >> >>> >
> >> >>> >Piotr Zarzycki
> >> >>> >
> >> >>> >Patreon:
> >> >>> >*<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
> >> >>> 3A%2F%2Fwww.patr
> >> >>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
> >> >>> Cc66b636ca44d41
> >> >>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
> >> >>> 7C0%7C6365911850
> >> >>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
> >> >>> OJA%3D&reserved
> >> >>> >=0
> >> >>> ><<a href="https://na01.safelinks.protection.outlook.com/?url=https%">https://na01.safelinks.protection.outlook.com/?url=https%
> >> >>> 3A%2F%2Fwww.patr
> >> >>> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%7
> >> >>> Cc66b636ca44d41
> >> >>> >a90d9608d5a04f4c24%7Cfa7b1b5a7b34438794aed2c178decee1%7C0%
> >> >>> 7C0%7C6365911850
> >> >>> >76278362&sdata=ui83E66leJRPwW%2BWG6oseX3Y9EYL%2BNyQjwRFm6SQ
> >> >>> OJA%3D&reserved
> >> >>> >=0>*
> >> >>>
> >> >>>
> >> >>
> >> >>
> >> >> --
> >> >>
> >> >> Piotr Zarzycki
> >> >>
> >> >> Patreon:
> >> >>*https://na01.safelinks.protection.outlook.com/?url=
> >> https%3A%2F%2Fwww.pat
> >> >>reon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com
> >> %7Cd7af70c9f1f1
> >> >>44ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
> >> cee1%7C0%7C0%7C6365937
> >> >>80794811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
> >> atrV%2B5o1zHTBw%3D&reserv
> >> >>ed=0
> >> >>
> >> >><https://na01.safelinks.protection.outlook.com/?url=
> >> https%3A%2F%2Fwww.pat
> >> >>reon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com
> >> %7Cd7af70c9f1f1
> >> >>44ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
> >> cee1%7C0%7C0%7C6365937
> >> >>80794811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
> >> atrV%2B5o1zHTBw%3D&reserv
> >> >>ed=0>*
> >> >>
> >> >
> >> >
> >> >
> >> >--
> >> >
> >> >Piotr Zarzycki
> >> >
> >> >Patreon:
> >> >*https://na01.safelinks.protection.outlook.com/?url=
> >> https%3A%2F%2Fwww.patr
> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> >> 7Cd7af70c9f1f144
> >> >ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
> >> cee1%7C0%7C0%7C6365937807
> >> >94811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
> >> atrV%2B5o1zHTBw%3D&reserved=0
> >> ><https://na01.safelinks.protection.outlook.com/?url=
> >> https%3A%2F%2Fwww.patr
> >> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> >> 7Cd7af70c9f1f144
> >> >ec8dce08d5a2abb667%7Cfa7b1b5a7b34438794aed2c178de
> >> cee1%7C0%7C0%7C6365937807
> >> >94811935&sdata=X7Koolzj3qpIJJi3OlMnM1FuuPOrBh
> >> atrV%2B5o1zHTBw%3D&reserved=0
> >> >>*
> >>
> >>
> >
> >
> >--
> >
> >Piotr Zarzycki
> >
> >Patreon:
> >*https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.patr
> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> 7Cf74cd21ba9c746
> >fa055c08d5a3bfbb2f%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365949662
> >41944580&sdata=PxyD1ClCgs1lRbjR7IHnLCNhM2ARfNvAkqxAISiEi8Q%3D&reserved=0
> ><https://na01.safelinks.protection.outlook.com/?url=
> https%3A%2F%2Fwww.patr
> >eon.com%2Fpiotrzarzycki&data=02%7C01%7Caharui%40adobe.com%
> 7Cf74cd21ba9c746
> >fa055c08d5a3bfbb2f%7Cfa7b1b5a7b34438794aed2c178de
> cee1%7C0%7C0%7C6365949662
> >41944580&sdata=PxyD1ClCgs1lRbjR7IHnLCNhM2ARfN
> vAkqxAISiEi8Q%3D&reserved=0>*
>
>


--

Piotr Zarzycki

Patreon: *https://www.patreon.com/piotrzarzycki
<https://www.patreon.com/piotrzarzycki>*