[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: using <...@debian.org> as maintainer address

Adam P. Harris wrote:

> Clearly I have a PGP key, and my name on that key is 
> <apharris@onshore.com>, which is my std email address.  I don't want to 
> have to change and redistribute this key.

You can add a userid to the key.  See the pgp docs for the way to do
that.  People who do not have this new userid can still use your key
just fine, so the "change and redistribute" part is optional.

If you want other people to know about the new userid, just extract
your key from the keyring and upload it to the PGP key servers
(there's a doc for that too).  If I recall correctly, the Debian
keyring is automatically updated from these servers.

> I'm one of those lusers who uses debhelper, so I'd appreciate if someone 
> could clarify the following points.

There's no luserhood attached to the use of debhelper :)
Just make sure you understand what it does.

> It looks like the operative places for email is in debian/control and 
> debian/changelog.   Further, it looks like debian/changelog is parsed to 
> determine who's PGP key to look for.  OTOH, debian/control is used for the 
> "Maintainer" field in the final .deb.  This is correct, right?

Correct as far as I know.  Note that this is all done by dpkg-buildpackage
and dpkg-gencontrol, not debhelper.

> My real question is whether it's actually kosher to have divergance 
> between my email address in the changelog (for the purposes of PGP'ing) 
> and my email address in the control file?

This currently has no effect, but the automatic bug closing feature
that's in the works will probably view such uploads as non-maintainer

It would be a good idea to either change your maintainer address to
match one of the userids on your PGP key, or add the address as a 
new userid.

Richard Braakman

Reply to: