[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: State of the debian keyring

On Sun, 23 Feb 2014, Marco d'Itri wrote:
> gwolf@gwolf.org wrote:
> >So, what do you suggest?
> Persuade developers that they should sign the new key of people whose
> old key they have already signed, with no need to meet them in person.
> (Also, my keyring update request has been waiting for 3 weeks now to be
> processed.)

No.  But they should try to sign all[1] keys they had signed with their old
key (VERY BIG difference) for which the reason of the signature still
remains valid.

Anyone has a script to find out the full keyid of all keys that have been
signed by a specific [full] keyid?

[1] well, I'd skip signing anything below 2048R or expired, *and* require
e-mail address verification to weed out expired UIDs somewat.

  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to: