Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them

To: Petter Reinholdtsen <pere@hungry.com>
Cc: DebConf discuss <debconf-discuss@lists.debconf.org>
Subject: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
From: Gunnar Wolf <gwolf@gwolf.org>
Date: Thu, 6 Aug 2009 23:31:01 -0500
Message-id: <[🔎] 20090807043100.GC15439@cajita.gateway.2wire.net>
In-reply-to: <[🔎] 20090806094449.GG7887@login2.uio.no>
References: <[🔎] 20090806063413.GR1684@mykerinos.kheops.frmug.org> <[🔎] 20090806071010.GB7887@login2.uio.no> <[🔎] 87skg5nw95.fsf@gkar.ganneff.de> <[🔎] 20090806094449.GG7887@login2.uio.no>

Petter Reinholdtsen dijo [Thu, Aug 06, 2009 at 11:44:49AM +0200]:
> [Joerg Jaspert]
> > Thats exactly why you should use caff. It is *LESS* work to not
> > upload keys while you sign them then..
> 
> Not for me, as both on the sending side (I do not have a machine both
> capable of sending email and signing keys), and on the receiving side
> (the machine I read email should not have my GPG key) I get extra
> work.  And I have enough tasks on my todo list already, so I do not
> plan to work on changing any of that. :)

In fact, I have not yet processed most of the signatures as the
machine where I read my mail does not have access to my new key — No
worries, though, I will upload them from my work machine... soon :-)

As for signing, I need only to have a machine able to relay mail
out. That's quite easy to get. On machines with (semi-)permanent
connection, I suggest you take a look at esmtp. All the signatures I
sent were sent using that, from a no-local-mail machine.

Using caff instead of manually uploading does not make it less
burdensome for you all by itself - although signing and sending tens
of signatures is done by running a single command, and it is really
painless. Yes, you have to intervene manually to fetch+send your newly
received signatures, but that's something we are all getting used to
;-) Besides, you cannot control how other people send you their
signatures (hence Christian's mail). And parsing/processing a mbox is
quite automatizable!

So, use caff. Resistance is futile, you will be assimilated.

Greetings,

-- 
Gunnar Wolf • gwolf@gwolf.org • (+52-55)5623-0154 / 1451-2244

Reply to:

References:
- [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Christian Perrier <bubulle@debian.org>
- Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Petter Reinholdtsen <pere@hungry.com>
- Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Joerg Jaspert <joerg@debconf.org>
- Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
  - From: Petter Reinholdtsen <pere@hungry.com>

Prev by Date: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
Next by Date: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver?when signing them
Previous by thread: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
Next by thread: Re: [Debconf-discuss] Please don't upload GPG keys to keyserver when signing them
Index(es):
- Date
- Thread