Re: Replacing my key
On Fri, 11 Jun 2010 22:39:02 +0300
George Danchev <danchev@spnet.net> wrote:
> Tony Houghton writes:
> > I'm a sponsored maintainer (of roxterm) and I've just approached a local
> > DD to have my key signed. He pointed out that SHA1-generated keys are
> > deprecated so I should probably generate a new, more secure, key. As my
> > old key is already presumably "in the system" due to existing versions
> > of roxterm, how should I go about replacing it with a new one?
>
> There is nothing to replace. Your source package always gets rebuilt by your
> sponsors and signed by their own gpg key, i.e. they are responsible for the
> upload in the same way they are responsible for their own packages uploads.
> You can check that out with 'who-uploads source_package_name'.
OK, that makes sense.
--
TH * http://www.realh.co.uk
Reply to: