[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Keyring handling for new archive software


as you might know a couple of people are currently busy setting up the
new archive maintaining software (dak). dak needs to know from whom it
should accept package uploads.

This is implemented by comparing GPG signatures on changes-files against
a know keyring.

For now we have set it up that the 'ftpmasters' need to be notified by
drift@ to add a new person to this keyring. 

I would advise to move that completly to drift@, as it's drift's duty to
add new accounts anyway. Additional to login-name and password-hash the
gpg key-id will then also be requested by drift@.

ftpmasters then would setup some kind of keyring sync, and would be
complete out of duty on that.

I would like to hear some comments on this idea.
We could also just process as its curently implemented, but as we are
still in early phase of the setup, changes are easier to do.


Reply to: