Re: Bits from the DAMs
=?iso-8859-15?q?J=E9r=F4me_Marant?= <jmarant@free.fr> writes:
>> - We wont accept[5] applicants who have only one signature on their GPG-key
>> if that signature is made by the advocate. If it has only a signature
>> from the advocate at least another one from the web-of-trust is
>> needed. Not neccessarly a DD to sign the key, any other well-connected
>> key is sufficient.
>> Applicants will be put on hold until this is fixed, but it shouldn't
>> last too long.
>> This is to avoid theoretical things against us/the applicants, that
>> they are "faked" by the advocate, by providing one or more other
>> signatures from different people.
>
> I don't get it. Do you have a concrete example that makes this necessary?
> It seems more and more difficult to become member of Debian, which is
> after all a volonteer-only project. Why trying to more and more discourage
> people to contribute?
Do you realy think it is difficult to get a second signature onto your
gpg key? Go to one key-signing party and you get 10 even on a small
one.
It might be difficult to get a DD signature for geographical reasons
but any signature is pretty simple. And, given how tight the web of
trust is, a random signature is probably no more than 2-4 hops away
from a DD.
>> - Also not accepted are people without traceable actions for
>> Debian. Examples of this include
>> - having only one package in the archive, with only one upload,
>> - packages with dead upstream and no visible changes in Debian either,
>> - a poor or non-existent handling of their bugs for the package(s).
>
> What about translators? Isn't it time to give them a real status?
> They definitely aren't second-class contributors.
That should be a "traceable action" through the changelogs.
MfG
Goswin
Reply to: