Enrico Zini wrote:
For example, you have several IDs in your key. If I have reason to believe that you don't receive mail in one of them (for example, I can notice that a domain has expired, or I can send fake spam to all of them and see if one bounces), then I can use that address in Maintainer: and Changed-by:, and dak will mail there.
But this is a deliberate policy decision, not a technical limitation, because these mails have been introduced for convenience, not as a security measure. In fact, presently, the sponsor mails are not sent if the keyholder's name (as put in projectb) appears in Changed-By or Maintainer, regardless of the mail address, so your scheme to 'circumvent' their sending is excessively complicated.
But regardless of specific examples, this is an extra, complementary layer of security. The GPG key is our most important security token, and a way to track its usage is the least that we should have.
Whether it belongs to QA or ftp-master, is what I'm trying to find out.
Well, if there everyone wanted these mails, it would be trivial to send them unconditionally instead of conditionally.
Kind regards T. -- Thomas Viehmann, http://thomas.viehmann.net/