Re: debian/upstream/signing-key.asc in policy 4.1.0

To: Russ Allbery <rra@debian.org>
Cc: devscripts-devel@lists.alioth.debian.org, guillem@debian.org, Paul Hardy <unifoundry@gmail.com>, Henrique de Moraes Holschuh <hmh@debian.org>, debian-policy@lists.debian.org, debian-dpkg@lists.debian.org, lintian-maint@debian.org
Subject: Re: debian/upstream/signing-key.asc in policy 4.1.0
From: Osamu Aoki <osamu@debian.org>
Date: Sun, 27 Aug 2017 00:55:26 +0900
Message-id: <[🔎] 20170826155526.3nofarxdieipesoh@tc4.so-net.ne.jp>
In-reply-to: <[🔎] 878tiauu4y.fsf@hope.eyrie.org>
References: <[🔎] CAJqvfD89vJeskgi3fBndDvzPfNOfL3_Rjtufo0j=MQooA+mFhg@mail.gmail.com> <[🔎] 87y3qnq9rl.fsf@hope.eyrie.org> <[🔎] 20170814114956.w5o7mm2hjqndy6wh@khazad-dum.debian.net> <[🔎] 87d17yp2me.fsf@hope.eyrie.org> <[🔎] 20170814165904.4hwqpwjmrxgr6q6t@khazad-dum.debian.net> <[🔎] 87wp66nkd5.fsf@hope.eyrie.org> <[🔎] 20170815142509.fk7rgpxnsmbe6jaq@goofy.tc4.so-net.ne.jp> <[🔎] CAJqvfD8hgypyKcQQ-P0m1-N9dx-XMmq1hpSaT610N1Ebjup5FA@mail.gmail.com> <[🔎] 20170823155948.qtbl4ougj3um3gvt@tc4.so-net.ne.jp> <[🔎] 878tiauu4y.fsf@hope.eyrie.org>

Hi,

On Wed, Aug 23, 2017 at 09:27:25AM -0700, Russ Allbery wrote:
> Osamu Aoki <osamu@debian.org> writes:
> > The updated uscan will support debian/upstream/signing-key.asc only and
> > internally convert it <tmpdir>/signing-key.gpg.  I will make uscan to
> > convert other formats to this policy compliant *.asc.  Also make noise
> > to the maintainer to push them to policy 4.1.0
> 
> Note that this Policy language is carefully written to make it perfectly
> fine for uscan to support all the things it currently supports, since it
> only talks about what Policy recommends the maintainer does.  So don't
> feel any obligation to change what uscan is doing on Policy's account
> here.

Maybe I should have been a bit careful with my words:

The updated uscan will support debian/upstream/signing-key.asc only as
the recommended keyring.  It will accept other historic keyrings but
also internally converts them to <tmpdir>/signing-key.gpg to guide
people to the new recommended format with some reminder noise.

> That said, as discussed elsewhere, I'm a huge fan of there being only one
> way to do something like this, with some easy tools to convert other
> methods into that one method.  It reduces everyone's cognitive load in the
> future.

Yes.

Osamu

Reply to:

Follow-Ups:
- Re: debian/upstream/signing-key.asc in policy 4.1.0
  - From: Osamu Aoki <osamu@debian.org>

References:
- Re: Upstream Tarball Signature Files
  - From: Paul Hardy <unifoundry@gmail.com>
- Re: Upstream Tarball Signature Files
  - From: Russ Allbery <rra@debian.org>
- Re: Upstream Tarball Signature Files
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Upstream Tarball Signature Files
  - From: Russ Allbery <rra@debian.org>
- Re: Upstream Tarball Signature Files
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Upstream Tarball Signature Files
  - From: Russ Allbery <rra@debian.org>
- Re: Upstream Tarball Signature Files
  - From: Osamu Aoki <osamu@debian.org>
- Re: Upstream Tarball Signature Files
  - From: Paul Hardy <unifoundry@gmail.com>
- debian/upstream/signing-key.asc in policy 4.1.0
  - From: Osamu Aoki <osamu@debian.org>
- Re: debian/upstream/signing-key.asc in policy 4.1.0
  - From: Russ Allbery <rra@debian.org>

Prev by Date: dupload_2.9.0_amd64.changes ACCEPTED into unstable
Next by Date: Re: debian/upstream/signing-key.asc in policy 4.1.0
Previous by thread: Re: debian/upstream/signing-key.asc in policy 4.1.0
Next by thread: Re: debian/upstream/signing-key.asc in policy 4.1.0
Index(es):
- Date
- Thread