[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[patch]: NM page update request (GPG)

On Sun, Oct 27, 2002 at 09:18:20AM +0100, Joerg Jaspert wrote:
> Oohara Yuuma <oohara@libra.interq.or.jp> writes:
> > I don't think you can pass the NM queue without a signed GPG key
> > nowadays.
> Why?
> A signed key is preferred and required for most of the NMs. But there
> are people living in areas where you cant get a signed key.

Then why not say so there.  See my patch which also addresses gpg usage
issue.  Someone, please proof read my english :-)

I do not think search.keyserver.net is usable anymore.

Oh ... looking at time... daylight saving time is over :-)

Good night.

-- 
~\^o^/~~~ ~\^.^/~~~ ~\^*^/~~~ ~\^_^/~~~ ~\^+^/~~~ ~\^:^/~~~ ~\^v^/~~~ +++++
        Osamu Aoki <osamu@debian.org>   Cupertino CA USA, GPG-key: A8061F32
 .''`.  Debian Reference: post-installation user's guide for non-developers
 : :' : http://qref.sf.net and http://people.debian.org/~osamu
 `. `'  "Our Priorities are Our Users and Free Software" --- Social Contract


--- nm-step1.wml	2002-10-27 01:46:39.000000000 -0700
+++ nm-step1.wml.new	2002-10-27 01:00:06.000000000 -0800
@@ -29,10 +29,12 @@
 fill out a web form and thereby verify the applicant's application (More
 information about the Advocate system can be found in the
 <A HREF="./nm-advocate">guidelines for advocates</A>).
-<LI>a way to <A HREF = "./nm-step2">identify</A> himself (preferably by
-having a GPG key signed by an existing Debian Developer or, alternatively,
-by sending in a photo of his drivers license or passport signed digitally
-with his GPG key).
+<LI>a way to <A HREF = "./nm-step2">identify</A> himself by
+having a GPG key signed by an existing Debian Developer. 
+Only for the people living in areas where one can not get his GPG key 
+signed by an existing Debian Developer, sending in a photo of his 
+drivers license or passport signed digitally with his GPG key may be 
+accepted as the alternative method to identify himself.
 <LI>enough experience in order to become an official Debian Developer
 (the preferred way is to have a package
 <A HREF ="./newmaint#Sponsor">sponsored</A> by a Debian developer; of course,

--- nm-step2.wml	2002-09-23 10:02:24.000000000 -0700
+++ nm-step2.wml.new	2002-10-27 01:17:19.000000000 -0800
@@ -49,7 +49,8 @@
 <A HREF="http://wwwkeys.us.pgp.net/";>public key servers</A>.  You can
 export your public key using:</P>
 <pre>
-gpg --send-key --keyserver germany.keyserver.net  yourkeyid
+$ for xx in us es cz de dk uk ch; \
+$ gpg --send-key --keyserver wwwkeys.$xx.pgp.net yourkeyid
 </pre>
 
 
@@ -60,6 +61,11 @@
 ElGamal keys themselves do <em>not</em> need to be regenerated.
 Only the signatures created by ElGamal keys.</P>
 
+<P>Note: It is a good idea <em>not to create more than 2 sub-keys</em>.  
+If you do, keyservers on pgp.net is known to <em>corrupt</em> your key.
+Neither search.keyserver.net nor pgp.ai.mit.edu are usable recently.
+</P>
+
 <P>
 You should upgrade GPG to version &gt;= 1.0.4, since the older
 version has serious bugs which could lead to false signature
Reply to: