On Fri, Jul 16, 1999 at 06:14:02PM +0200, Martin Butterweck wrote: > The Developers Reference says I should use pgp for now, but the package > debian-keyrings includes keys for gpg as well, so I wondered if the > reference perhaps isnt up to date anymore and I can as well use gpg when > i become a developer (real soon :). I'm working on a HOWTO for this, but it works like this ... gpg supports pgp keyrings with either gpg-rsa or gpg-rsaref installed. dpkg-buildpackage supports a gpg interface, however if you have more than one key with the same email address, you're going to have issues with it with versions of dpkg-dev prior to 1.4.1.5. You just add -pgpg -sgpg -k<keyid> to dpkg-buildpackage and gpg will be used with the right key even. In my case: -pgpg -sgpg -k0x50BDA0ED A pgp key should be signed with itself. A gpg key should be as well, but also with a pgp key if you have one and don't mind installing one of the rsa modules. Note that you need to use rsaref in the US because of the software patent. dinstall does or will soon support the use of DSA keys. Same with the voting system. In another couple of months, RSA keys that pgp 2.x used will be totally unnecessary for a new developer and pgp will not even need to be installed (YAY!) I'll still recommend keeping gpg-rsa{,ref} around for awhile to check sigs on stuff still using pgp, but still gpg-rsa is at least free---unless you live in the US. And even that will change in something close to about 430 more days. -- Joseph Carter <knghtbrd@debian.org> Debian GNU/Linux developer GnuPG: 2048g/3F9C2A43 - 20F6 2261 F185 7A3E 79FC 44F9 8FF7 D7A3 DCF9 DAB3 PGP 2.6: 2048R/50BDA0ED - E8 D6 84 81 E3 A8 BB 77 8E E2 29 96 C9 44 5F BE -------------------------------------------------------------------------- <Davide> how bout a policy policing policy with a policy for changing the police policing policy
Attachment:
pgpWxwlMZRAg_.pgp
Description: PGP signature