[arch-dev-public] Developer / TU key signing, first master key available
Daniel Isenmann
daniel.isenmann at gmx.de
Tue Nov 22 13:03:18 EST 2011
On Sat, 19 Nov 2011 15:38:04 +0100
Thomas Bächler <thomas at archlinux.org> wrote:
> Hello developers / TUs,
>
> My Arch master key is available at [1] with fingerprint 6841 48BB 25B4
> 9E98 6A49 44C5 5184 252D 824B 18E8.
>
> Every packager, please do the following:
> 1) Reply to this email to thomas at master-key.archlinux.org and fully
> quote this email. Include your gerolde/sigurd username in the email.
> Sign your reply using your GPG key.
> 2) Upload your public key (gpg --armor --export $KEYID) to your home
> directory on gerolde/sigurd under the name
> $HOME/arch-linux-packager-key. 3) Name at least one package in the
> repositories already signed with your key.
>
> Sadly, this process will only prove that you are in posession of the
> ssh key to upload packages into the repositories. I will contact you
> personally afterwards if I need further identification.
>
> Please note: there are be 5 master key holders (Allan, Dan, Pierre,
> Ionut, me), and you need at least 3 signatures on your key so your
> packages will be trusted by pacman.
>
> Regards
> Thomas
>
> [1]
> https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
>
I have two signatures right now on my key. What about the others master
key holders? Are they going to send an email like you and Pierre did?
Or should we send an email to them with the same procedure?
Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: not available
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20111122/33bc6506/attachment.asc>
More information about the arch-dev-public
mailing list