Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them

[Christian Perrier <bubulle@debian.org>]

Quoting Joerg Jaspert (joerg@debconf.org):

> Thats exactly why you should use caff. It is *LESS* work to not upload
> keys while you sign them then..


This is a very interesting point. I first began using caff (IIRC,
after Debconf5 keysigning party) because it makes the work much easier
for the lazy person that I am.

Funnily, its implementation of the process *also* makes it (the
process) more secure and reliable, thanks to the wisdom of the clever
people who developed it (the only problem I have is the use of a
specific homedir for GPG...but I bet there might several good
reasons for doing that).

So, indeed, I am currently using a more "secure" process mostly
because I initially wanted a tool to make my work easier..:)