Re: State of the debian keyring
>> Please update that page. In particular, it *requires* a third party to
>> request the key swap on your behalf.
This was also my understanding when I read through this page. It was only
just recently that I realised that the exceptional case was first and that
the first statement of instruction 2 did not apply:
"2. Alice must get a Debian developer (ideally not Bob) to sign a message
requesting the replacement of key X with key Y on behalf of Alice."
I know I got to the point of doing step 2 ages ago and, having read that
requirement, put the rest of the process in the too hard basket. (jmw's
suggested reordering of this paragraph helps a lot here)
Can I also make a concrete suggestion that the document include a couple of
commands to be run to help people know what information to include? We
already know that DDs aren't as good with gpg as everyone would like them to
be, so including the precise command will help a lot here and save them
fighting through gpg documentation again (which is just another barrier to
people actually doing this):
`gpg --list-sigs 0xNewKeyId` in step 1
`gpg --fingerprint 0xOldKeyId` `gpg --fingerprint 0xNewKeyId` as a step 0
(and perhaps move the paragraphs that are after the steps into numbered
steps)
The suggestion of automating generating the output with a short script would
work too, although it only wants to be a few lines long so that anyone can
look at it and trivially understand what it is going to do.
cheers
Stuart
(who has finally mailed RT for the key rollover and will soon find out if he
has actually understood the process properly)
--
Stuart Prescott http://www.nanonanonano.net/ stuart@nanonanonano.net
Debian Developer http://www.debian.org/ stuart@debian.org
GPG fingerprint BE65 FD1E F4EA 08F3 23D4 3C6D 9FE8 B8CD 71C5 D1A8
Reply to: