Re: apt 0.6 and how it does *not* solve the problem
On Mon, 23 Aug 2004 09:34, Geoff <firstname.lastname@example.org> wrote:
> There is an elaborate system to maintain quality in new Debian
> developers (which seems like a good idea to me). Why not have some sort
> of system for ensuring the quality in continuing DD?
> If a DD didn't meet the criteria they would go into an inactive list,
> and if they stayed in the inactive list for 3 months, would go into the
> retired list, and their gpg keys _somehow_ invalidated. Is it possible
> on a gpg key server to mark a key as invalid, with out access to the
> private key?
Sounds like a reasonable idea. We can't automatically make the key invalid.
But we can have a central Debian key that's used to sign the keys of all
developers. If such a signature was revoked then it would show the change in
status of the developer.
Removing developers who don't meet certain criteria (EG no package uploads for
6 months) from active status makes a lot of sense. Anyone care to propose a
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page