Re: Release.gpg is by a key I which is not signed

To: debian-testing@lists.debian.org
Subject: Re: Release.gpg is by a key I which is not signed
From: Matt Kraai <kraai@debian.org>
Date: Sat, 2 Mar 2002 01:25:34 -0800
Message-id: <[🔎] 20020302092534.GD310@catalonia>
Mail-followup-to: debian-testing@lists.debian.org
In-reply-to: <[🔎] 20020302073956.GR8233@nova.vor.em.ca>
References: <[🔎] 20020301204939.GC593@catalonia> <[🔎] 20020302073956.GR8233@nova.vor.em.ca>

On Sat, Mar 02, 2002 at 07:39:56AM +0000, Tom Goulet wrote:
> > The key used to create Release.gpg can be found here[1].
> > 1. http://ftp-master.debian.org/ziyi_key_2002.asc
> 
> Thank you.
> 
> Should it be signed by at least one Debian developer?
> 
> As it is the security scheme is not useful as that key is not in the web
> of trust.

You should raise this issue on debian-security or with the
ftpmasters.  They might know the rationale.

Matt

Attachment: pgp_hzw9mxalN.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: Release.gpg is by a key I which is not signed
  - From: Anthony Towns <aj@azure.humbug.org.au>

References:
- Re: Release.gpg is by a key I cannot find
  - From: Matt Kraai <kraai@debian.org>
- Release.gpg is by a key I which is not signed
  - From: Tom Goulet <tomg@em.ca>

Prev by Date: Release.gpg is by a key I which is not signed
Next by Date: slow zsnes with opengl :(
Previous by thread: Release.gpg is by a key I which is not signed
Next by thread: Re: Release.gpg is by a key I which is not signed
Index(es):
- Date
- Thread