Bug#1026277: ITP: quadrilateralcowboy -- first-person cyberpunk adventure game
Followup-For: Bug #1026277
On Sun, 28 May 2023 16:50:31 +0100, James wrote:
> * My release signing has been inconsistent, partly because I'm not sure I
> have a long-term commitment to being a Debian Maintainer/Developer, and
> partly because I'm not sure I can reliably keep those keys secure (so, at
> best I think they would provide some integrity verification support, but
> I don't think they really attest highly that I'm the sole or uncompromised
> author). Not a particularly useful mindset to have, some might argue, but
> it does lead to me towards using ephemeral keypairs (somewhere, once, I had
> some web-of-trust identity, but I haven't continued to use or maintain it).
In retrospect, I think this is probably an argument for exploring and learning
better signing practices rather than a packaging problem.
(also, to nitpick / clarify: when referring to authorship there, that was only
in reference to the packaging and edits made from the existing published open
source game engine code)
Reply to: