Re: Giving away PGP2 (packages pgp-i, pgp-us)
> Now that hamm is safely released, I'm going to act on my threat a few
> months ago: I'm giving up on maintaining the PGP2 packages, pgp-i and
> pgp-us. Since these will still be critical for Debian for some time to
> come, it is important to get a new maintainer quickly.
Don't take this as volunteering, yet. I wonder if we can use pgp5? I
have scoured the documentation for it and cannot figure out if it is
export controlled or not. I assume it has the same restrictions as
pgp2 due to the necessary inclusion of RSA algorithms.
>
> My reason for giving up is that I feel I've fought enough with the
> low quality of the PGP source code, and do not feel I have the nerve
> anymore to tackle it to fix remaining problems, of which there are couple
> severe ones in the bug tracking system.
>
> In addition to the severe ones, there are a few easy ones that are
> mostly packaging issues, and that should serve well as a way to get
> familiar with the package for the new maintainer.
>
> Since PGP is export-controlled in the US, and some other countries also
> have stupid, police-state laws about crypto, prospective new maintaiers
> should check their local laws about such issues before volunteering. As
> far as I know, most civilized countries in the Europe (e.g., Finland, the
> Netherlands, Germany, and the UK, but not necessarily France and Sweden,
> though I have no hard facts about either) are OK in this regard. However,
> you should check it yourself.
>
> In addition, I'm giving up on rsaref, which I only packaged since pgp-us
> needs it. The new PGP maintainer probably wants to take over that as well.
I may be willing when I my ADSL line comes through.
-- Marc
--
To UNSUBSCRIBE, email to debian-devel-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: