Am 19.11.2011 15:38, schrieb Thomas Bächler:
Hello developers / TUs,
My Arch master key is available at [1] with fingerprint 6841 48BB 25B4 9E98 6A49 44C5 5184 252D 824B 18E8.
Every packager, please do the following: 1) Reply to this email to thomas@master-key.archlinux.org and fully quote this email. Include your gerolde/sigurd username in the email. Sign your reply using your GPG key. 2) Upload your public key (gpg --armor --export $KEYID) to your home directory on gerolde/sigurd under the name $HOME/arch-linux-packager-key. 3) Name at least one package in the repositories already signed with your key.
Sadly, this process will only prove that you are in posession of the ssh key to upload packages into the repositories. I will contact you personally afterwards if I need further identification.
Please note: there are be 5 master key holders (Allan, Dan, Pierre, Ionut, me), and you need at least 3 signatures on your key so your packages will be trusted by pacman.
Regards Thomas
[1] https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
Please note: There are many TUs (and some devs) that didn't reply to this request yet. There are even TUs that replied to the other master key holders, but not me. Please be aware that you have to contact all master key holders separately in the way stated in the request. It is not sufficient to reply just one of them! Also be aware that after some transition time, gerolde and sigurd will check your signature on db-update, and WILL REJECT THE PACKAGE IF YOUR KEY IS NOT TRUSTED. Therefore, completing the key submission to the master key holders is non-optional! When replying, please make sure that "thomas@master-key.archlinux.org" is included in the "To:" field of your email (otherwise I will probably miss the mail). If you fail to configure your mail client for signing emails, please write the text into a plaintext file, sign it, and attach it.