Re: Question about gpg key.
On 01/11/2012 02:02 AM, Boris Pek wrote:
>>>> What should be my next steps? Should I notify somewhere in Debian about new key
>>>> or just sign my packages by this key in the next uploads?
>>> Naturally, your key will have to be uploaded to a public key server. See this
>>> wiki page for more [1].
>>> Get your key signed by other Debian developers if you want to become a Debian
>>> Developer at some point. See this list to find someone in your area to sign it [2].
>>> Follow the instructions in [3] to get your new key into the Debian keyring.
>>
>> I have read all related documentation before send the message.
>> Procedure [4] affects only DD. But I am not even DM now.
>> And it seems like the key of a sponsored maintainer does not matter and it can
>> be changed in any moment. Because only one important thing in upload to the main
>> repo is the sign of sponsor (DD) which is checked by bot.
>> Correct me if I am wrong.
>>
>> That's why I asked the question.
>
> In other words.
> Should I sign my new key by old one or make any other action?
> Or can I just use new key as it is?
Since it hasn't been mentioned in this thread, Ana's page on creating a
new 4096R key and configuring gnupg properly was extremely helpful to me:
http://ekaia.org/blog/2009/05/10/creating-new-gpgkey/
--
Kind regards,
Michael Shuler
Reply to: