Re: Signature strength of .dsc

To: debian-devel@lists.debian.org
Subject: Re: Signature strength of .dsc
From: Bastian Blank <waldi@debian.org>
Date: Fri, 1 Dec 2023 14:01:16 +0100
Message-id: <[🔎] 20231201130116.xjqgeo4rocpxyi2x@shell.thinkmo.de>
Mail-followup-to: debian-devel@lists.debian.org
In-reply-to: <[🔎] CANBHLUhv9rQJuBUoxJckkCwd6afpOLOc+5G8+6HfTxjb4jg2ag@mail.gmail.com>
References: <[🔎] CANBHLUhv9rQJuBUoxJckkCwd6afpOLOc+5G8+6HfTxjb4jg2ag@mail.gmail.com>

On Fri, Dec 01, 2023 at 12:20:16AM +0000, Dimitri John Ledkov wrote:
> And many of them cannot be verified using debian-keyring:
> 2,455 no public key
> 3 wrong key usage

And how many can be verified?  Do any show broken signatures?

> Should we stop requiring signed .dsc on uploads?

We had exactly that discussion some years ago in those two tag2upload
thread.  Maybe you should re-read that.

Why do you believe that 0% is better then 90%?

Bastian

-- 
All your people must learn before you can reach for the stars.
		-- Kirk, "The Gamesters of Triskelion", stardate 3259.2

Reply to:

References:
- Signature strength of .dsc
  - From: Dimitri John Ledkov <xnox@debian.org>

Prev by Date: Re: Signature strength of .dsc
Next by Date: Bug#1057201: ITP: rl-renderpm -- contains the ReportLab accelerator module
Previous by thread: Re: Signature strength of .dsc
Next by thread: Re: Signature strength of .dsc
Index(es):
- Date
- Thread