news 28 Posted September 28, 2009 Hi. It's been a few months, various things have happened and so it's probably time for another keyring-maint update. New keyring-maint member ======================== First up I'd like to welcome Gunnar Wolf to keyring-maint. I've been aware for some time (and if I hadn't been there were plenty of people reminding me that with just one person working on it keyring was at risk of becoming a bottleneck, so I took the opportunity at DebConf to have a few discussions about people who could possibly help out. Gunnar has foolishly^Wgraciously stepped up to the plate and has been putting up with various brain dump emails from me about how things work. The plan is we'll get these tidied up and made public for reference, but at present we're working on getting him fully up to speed as a priority. (If you weren't at DebConf you can see how it happened at [0].) PGPv3 removal continues ======================= I mentioned back in May[1] that I'd started chasing DDs with both v3 and v4 keys in our keyrings about removing the v3 keys. Many people responded and confirmed it was ok to remove the v3 key immediately. A few stragglers wanted to hold off and check things out. And unfortunately a few failed to reply to repeated mails and I submitted them to the MIA team for investigation. I've now extended my reach to all remaining v3 keys, asking people if they have a suitable v4 key and pointing them at instructions for creating a new one if not. We're down to 58 v3 keys; if you're one of them and haven't reply to my mail please do so. It would be great if we could get rid of them all by Christmas. SHA2 capable key replacements ============================= Various key updates have been trickling in (moreso post DebConf) up[censored] keys to be SHA2 capable. I've been pushing back a bit on those keys that aren't particularly well signed and so far I think the WoT is keeping reasonably strong[2]. Please do make an effort to try and get you key as well signed as possible before requesting replacement. DM keyring added to keyring.debian.org ====================================== Another positive thing to come from discussions at DebConf was moving the Debian Maintainers keyring to be part of keyring.debian.org. This means it is distributed around the debian.org infrastructure in the same way as the DD keyring. The FTP masters have already taken advantage of this by enabling DM uploads on various extra upload queues[3]. Decisions about DMs are still made by the DM admin team; keyring-maint is merely responsible for acting on their requests to add new keys. J. [0] http://gwolf.org/blog/keyringmaint-addme [1] http://lists.debian.org/debian-devel-announce/2009/05/msg00005.html [2] http://keyring.debian.org/stats/ [3] http://lists.debian.org/debian-devel-announce/2009/08/msg00010.html -- I am afraid of the dark. This .sig brought to you by the letter L and the number 10 Product of the Republic of HuggieTag Share this post Link to post
