On 2020-01-05 10:01 -0500, Tong Sun wrote: > Now, before I redo the upload (and get it stuck again), let me try to > understand the situation -- > > The reason it was stuck might be because my key was *considered* > expired. The problem is, I renewed it two or three weeks ago, and sent > it to pgp & > Ubuntu key servers. > > The mentors.debian.net accepted my (renewed) key, but ftp-master > didn't. Might that my key on ftp-master.debian.org is somehow not > refreshed? Anyway, I tried to fix the issue by refreshing my key to > keyring.debian.org. However, on reading https://keyring.debian.org/, I > stated to wonder that if it good enough *now*: > > > We will include your changed key in our next keyring push (which happens approx. monthly). > > What does it really mean? Shall I need to wait a month before uploading again? One thing is check that you are signing the packages with the new key and not the old one (not sure if 'renewing' counts as a new key or not?). If both are around (gpg -K will show available secret keys), it's very easy to sign with the wrong one, and then ftp-master quietly throws away your packages without telling you. I know this because I've had this problem for some time (my machine defaults to using the wrong key despite having default-key set in .gnupg/gpg.conf so I have to sign with an expicit key (debsign -k)). Wookey -- Principal hats: Linaro, Debian, Wookware, ARM http://wookware.org/
Attachment:
signature.asc
Description: PGP signature