Re: Use of DSA number for general announcements (was: [DSA 2548-1] Debian Security Team PGP/GPG key change notice)
Hi David,
On Fri, September 14, 2012 03:28, David Prevot wrote:
>> This is a notice to inform you, that our previous PGP/GPG key expired.
>
> Thanks for notifying us on debian-security-announce@l.d.o, but I
> disagree that such an announcement deserves a DSA number. DSA-2360 was
> also a misuse of a DSA number IMHO, and would have deserved a copy on
> wider audience (e.g. on debian-announce@l.d.o). Please don't hesitate to
> get in touch with the press or publicity team next time you prepare a
> big announcement.
Well, this is of course how we 'always' do it. I'm not sure I understand:
why is it a problem to use (even misuse?) a number? They are free and we
have ample supply.
I doubt a technicallity like a key rollover, which is only relevant for
people actively conversing with the security team, is useful to post to
debian-announce.
Cheers,
Thijs
Reply to: