Re: Debian and GPG/PGP key handling
On Sun, Jun 10, 2001 at 02:26:54PM +0200, Samuel Tardieu wrote:
>A few days ago, I took two actions regarding the two keys (a PGP one
>as well as a GPG one) I use for Debian (and for general purpose):
>
> (1) I revoked my PGP key as I prefer to use my GPG and DSA/ElGammal
> rather than RSA/IDEA;
>
> (2) I added a new UID which has been signed by a lot of people and
> created a subkey that I use for signing.
>
>Then I tried to update Debian's knowledge of my keys by:
>
> (1) Uploading the updated versions of this key to keyring.debian.org
> keyserver;
>I think that developers (and anyone in fact) should be able to update
>keys in Debian's keyring (let's not forget that any operation
>potentially harmless to the project needs the owner to sign the
>operation, so this is not a risk) and those changes should be taken in
>account immediately.
Our keyserver currently does accept most changes to keys which you are
describing, and the server logs indicate acceptence of updates to the
following keys:
[2001-06-10 15:17:44] 1024D/1E43D44E Samuel Tardieu <sam@inf.enst.fr>
(uid:1 sig:33 sub:1)
[2001-06-10 15:17:45] 1024R/31798069 Samuel Tardieu <sam@inf.enst.fr>
(sig:2)
Your RSA key shows as being revoked, although whether the revocation
certificate was accepted by the server or James updated it manually I'm
not sure.
Note however that changes submitted via the keyserver are periodically
incorporated into the keyrings used for db.debian.org manually, so
changes may not be immediately visible there.
Adding and removing entire keys (not just subkeys/uids) still requires a
message to keyring-maint@debian.org.
Regards,
--
Brendan O'Dea bod@compusol.com.au
Compusol Pty. Limited (NSW, Australia) +61 2 9810 3633
Reply to: