On Wed, Mar 08, 2006 at 03:34:33PM +0100, Andreas Schuldei wrote:
> - Keyring Mainainance
> The only person working on this is very busy. More redundancy
> and a more user-driven attitude could help a lot. I have been
> talking to the keyring maintainer on several occasions last year
> but we have not yet found a way or a candiate to help.
> Ideas? Nominations?
So, since I have a pretty good relationship with James, I'm aware of
three instances of issues with key updates after revocations in the past
few months.
The first was Chip Salzenburg's request for a key update, subsequent
flaming over lack of responsiveness, and eventual resignation. AIUI,
Chip happened to make the request when James was particularly busy,
including increasingly demanding requests each day following that for a
week, and pestering James on work channels (#ubuntu-devel). Chip's key
updates were included in the next keyring update, unfortunately after that
had escalated into a flamewar on -devel, and Chip's resignation. The DPL
sent a request through to James about how that was handled, which James
responded to in some detail. To the best of my knowledge there was no
further followup from the DPL or the DPL team.
The second key replacement I'm familiar with was that of Simon Horms,
who (not long after Chip's resignation) /msg'ed me asking if I had any
idea if the replacement request he'd sent a couple of days earlier had
been received; I said that wasn't something I could check, and suggested
he /msg elmo with a polite request to see it had been received, since
keyring-maint tends to get buried under spam. I didn't hear anything
since, and ttbomk Horms was able to upload again pretty quickly.
The third was Andres Salomon; I prodded him about some random bug for
some random testing transition, and he replied that he couldn't do much
about it without his key getting replaced -- which he'd tried to get
done months ago. I spoke to James to see what was going on, he checked
his mailbox and found absolutely nothing about it. When I passed this
on to Andres, it turned out the mail requesting the update hadn't been
sent in the first place. That was rectified, and his key was updated
within a week or so.
In the mail to the DPL I mentioned above, James outlined three fairly
significant technical changes that could be implemented to make the
job easier, and could be done by anyone, without requiring any special
priveleges; and also noted why he doesn't believe it's technically
feasible to have the keyring maintained by multiple people, and how that
could be fixed.
So, I don't see how you can say how you "have not found a way to
help", and in all the cases I've seen, I don't think there's been any
significant problem in the way updates have been handled, at least on
the keyring-maint's behalf.
> - FTP-Masters
> Transparency has improved and new people have been added.
> FTP-Masters have problems interacting with some other high
> profile, active developers, though.
We chatted about this on IRC at the beginning of October, to wit:
22:50 <aj> (i note you didn't come up with any specific problems in how
ftpmaster's operating)
22:51 <stockholm> do you want to know?
22:51 <aj> why wouldn't i?
22:51 <aj> i asked, didn't i?
22:51 <stockholm> because you would perceive it as nagging.
22:51 <aj> huh?
22:52 <stockholm> lol
22:52 <stockholm> not???
22:52 <stockholm> i can send it in a mail if you want to
22:52 <stockholm> must run now.
22:52 <aj> the only thing i can think that would be nagging is if you're going
to say "stable updates taking a while", which doesn't strike me as
particularly exciting
22:53 <stockholm> sure, i can do that, then (c:
You didn't /msg me again until December, on a largely unrelated matter;
and never sent any email of that nature. Would you care to detail why
not, or what you or the DPL team were working on instead of communicating
your concerns to us?
In any event, it's very difficult to make improvements when people won't
tell you what the problems they see are, or don't find any improvement
to ever be good enough.
(The r1 update to sarge was delayed for a couple of reasons iirc; one
that I've forgotten, the other was due to the delay in the finalisation
of some fairly critical security updates for the kernel. The update
happened a couple of days after they were prepared, in spite of some
random problems coincidently caused by Horms' key replacement)
Cheers,
aj
Attachment:
signature.asc
Description: Digital signature