[arch-dev-public] Developer / TU key signing, first master key available
Ionut Biru
ibiru at archlinux.org
Tue Nov 22 13:04:43 EST 2011
On 11/22/2011 08:03 PM, Daniel Isenmann wrote:
> On Sat, 19 Nov 2011 15:38:04 +0100
> Thomas Bächler <thomas at archlinux.org> wrote:
>
>> Hello developers / TUs,
>>
>> My Arch master key is available at [1] with fingerprint 6841 48BB 25B4
>> 9E98 6A49 44C5 5184 252D 824B 18E8.
>>
>> Every packager, please do the following:
>> 1) Reply to this email to thomas at master-key.archlinux.org and fully
>> quote this email. Include your gerolde/sigurd username in the email.
>> Sign your reply using your GPG key.
>> 2) Upload your public key (gpg --armor --export $KEYID) to your home
>> directory on gerolde/sigurd under the name
>> $HOME/arch-linux-packager-key. 3) Name at least one package in the
>> repositories already signed with your key.
>>
>> Sadly, this process will only prove that you are in posession of the
>> ssh key to upload packages into the repositories. I will contact you
>> personally afterwards if I need further identification.
>>
>> Please note: there are be 5 master key holders (Allan, Dan, Pierre,
>> Ionut, me), and you need at least 3 signatures on your key so your
>> packages will be trusted by pacman.
>>
>> Regards
>> Thomas
>>
>> [1]
>> https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
>>
>
> I have two signatures right now on my key. What about the others master
> key holders? Are they going to send an email like you and Pierre did?
>
> Or should we send an email to them with the same procedure?
>
> Daniel
me and Dan are waiting the cards holders to arrive.
--
Ionuț
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.archlinux.org/pipermail/arch-dev-public/attachments/20111122/06795434/attachment.asc>
More information about the arch-dev-public
mailing list