Re: Replacing/phasing out PGP (was Re: Idea for non-free organization)
Hi,
>>"James" == James Troup <james@nocrew.org> writes:
James> jdassen@wi.leidenuniv.nl writes:
>> How difficult would it be to extend our infrastructure (new maintainer
>> acceptance; developer-keyring; dpkg-dev) with support for gpg?
James> But this will bite lots of current maintainers who try to build
James> packages and get flummoxed when build/dpkg-buildpackage starts moaning
James> "gpg command not found" and they then have to be told to do -ppgp. If
James> pgp stays as default we have to tell all new maintainers to use -pgpg
James> because their PGP keys won't be in the Debian keyring. It's not a
James> nice situation, and I would like to hear what others think.
Can we possibly change dpkg-buildpackage to check for gpg, and
then pgp, and not to fall flat on it's face when something is not
found? Like use gpg by preference, or use pgp if available, or gently
wanr the use that pgp does not exist and hence packages shall not e
signed, and please remember to sign before uploading?
Inflexibility in code, especially one so easily fixed, is an
anathema.
manoj
--
"I believe the use of noise to make music will increase until we
reach a music produced through the aid of electrical instruments
which will make available for musical purposes any and all sounds
that can be heard." composer John Cage, 1937
Manoj Srivastava <srivasta@acm.org> <http://www.datasync.com/%7Esrivasta/>
Key C7261095 fingerprint = CB D9 F4 12 68 07 E4 05 CC 2D 27 12 1D F5 E8 6E
--
To UNSUBSCRIBE, email to debian-policy-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: