Bug#773861: Signify - OpenBSD's cryptographic signing tool

[Henrique de Moraes Holschuh <hmh@debian.org>]

On Tue, 13 Jan 2015, Riley Baird wrote:
> On 12/01/15 12:37, Brian White wrote:
> > I don't maintain Signify it any longer (or even use it) so feel free to do
> > with it whatever you like.
> 
> Hmm... does that mean that I need to adopt signify before
> signify-openbsd will be accepted?

Well, you cannot take over its package name without a transition that will
take at least one stable-release, either (so, it is a long-term thing).
Otherwise, you will regress the systems that have the old package installed
(and want it).

We went through one such package-name-swap "recently", involving the old git
package becoming gnuit, and the old git-core package becoming git.  You can
ask the people involved for the details.

While signify's popcon is low, it is still non-zero and the kind of thing
that is going to be hooked inside a crontab or login script.  So, a
transition of some sort is required to avoid breaking things for its users.

And if the transition also involves renaming /usr/bin/signify, not just the
package's name, it also needs to be handled with care.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh