Keyring handling for new archive software

To: debian-edu@lists.debian.org
Subject: Keyring handling for new archive software
From: Martin Zobel-Helas <zobel@ftbfs.de>
Date: Tue, 7 Mar 2006 18:59:11 +0100
Message-id: <[🔎] 20060307175911.GE12821@frigg.ftbfs.de>

Hi,

as you might know a couple of people are currently busy setting up the
new archive maintaining software (dak). dak needs to know from whom it
should accept package uploads.

This is implemented by comparing GPG signatures on changes-files against
a know keyring.

For now we have set it up that the 'ftpmasters' need to be notified by
drift@ to add a new person to this keyring. 

I would advise to move that completly to drift@, as it's drift's duty to
add new accounts anyway. Additional to login-name and password-hash the
gpg key-id will then also be requested by drift@.

ftpmasters then would setup some kind of keyring sync, and would be
complete out of duty on that.

I would like to hear some comments on this idea.
We could also just process as its curently implemented, but as we are
still in early phase of the setup, changes are easier to do.

Greetings
Martin

Reply to:

Follow-Ups:
- Re: Keyring handling for new archive software
  - From: Steffen Joeris <Steffen.Joeris@skolelinux.de>

Prev by Date: Your Bugzilla buglist needs attention.
Next by Date: Re: Keyring handling for new archive software
Previous by thread: Your Bugzilla buglist needs attention.
Next by thread: Re: Keyring handling for new archive software
Index(es):
- Date
- Thread