Bug#41794: dpkg-buildpackage PGP key lookup
On Sat, Oct 23, 1999 at 07:03:41AM +0000, Alexander Koch wrote:
> On Fri, 22 October 1999 23:19:48 -0400, Ben Collins wrote:
> > The real problem is that having a maintainer address
> > that is not referenced in the key ring is, IMO, bad.
> So for example for zebra the Maintainer is
> Maintainer: Endre Hirling and Alexander Koch <email@example.com>
> which is not in the keyring, I was signing it with my key
> which at least has firstname.lastname@example.org in it.
> This will not be possible any more? Or do I misunderstand
> something here?
No, it's possible, nothing was changed about this. That's an interesting
case I hadn't thought about. What Brian was refering to was having say
"Ben M. Collins <email@example.com>" as the maintainer field, but
signing it with "B. Collins <firstname.lastname@example.org>", which could be solved
by simply adding the first ID to the key.
I'll admit though, the case you show (and now that I think of it, several
similar cases where the package might be maintained by a group) would
benefit from such a feature).