Hello Nilesh, Nilesh Patra (via nm.debian.org) dijo [Mon, Jul 18, 2022 at 01:31:35PM -0000]: > For the past several months, I have worked with Robin Jarry on buildbot and aerc. > (...) > For this past work, Robin Jarry sent mails using the email address robin@jarry.cc > which is the one they're using on nm.debian.org. > > I have made the following checks for their keys: > > 1. Checked a few mails for signatures in a lot of private correspondence we have had > > 2. Checked their signed commits to the repositories. I checked several of his upstream project > repositories releases (aerc,dlrepo,sysrepo-python etc.), which are all signed with his gpg key. > > 3. Made sure that they are able to decrypt the messages sent to them with their GPG key > > I've made sure that they are able to decrypt encrypted messages sent to this key > and that they're able to sign messages with the same key. > > Due to the long-term interactions we had, I'm convinced that Robin Jarry as they > present themselves on nm.debian.org is the rightful owner of both email > robin@jarry.cc and GPG key DC07 18E3 22E2 C760 5EBD C831 4695 7EC0 8FD0 FE90. Please be a bit more specific. How many months is "past several months"? What does "a few mails" mean? What is a "long-term interaction"? Thank you very much,
Attachment:
signature.asc
Description: PGP signature