Re: DLA documented
On Mon, Jul 14, 2014 at 06:45:06PM +0200, Alexander Wirt wrote:
> On Mon, 14 Jul 2014, Moritz Mühlenhoff wrote:
>
> > On Mon, Jul 14, 2014 at 05:06:26PM +0200, Holger Levsen wrote:
> > > Hi,
> > >
> > > Alexander Wirt just offered/suggested to reject mails not conforming to a
> > > certain subject format (eg including a DLA ID) as well as unsigned mails. (I'd
> > > suggest to only allow mails signed by keys able to upload.)
I don't think we should impose restrictions on the format of the mails. If we
want to welcome maintainers not part of the LTS team to take care of packages
in Debian LTS, we should not make this needlessly difficult.
Let's not mimick the existing security.debian.org infrastructure too much,
but rather have a look on how can create cleaner solutions from scratch
(and retrofit them into security.debian.org once they've proven themselves):
If IDs are important to people to have a specific identifier, we should rather
solve this technically: The script which checks the PGP signature could simply
increment the ID internally and rewrite the subject with [DLA $ID]. This saves
people from all hassle with allocating IDs and it's free of race conditions
in assigning IDs.
Cheers,
Moritz
Reply to: