Package: nm.debian.org Severity: normal Hi! The page at https://nm.debian.org/public/newnm says:
.--===[ OpenPGP key ] Most Debian work is not anonymous, and requires the use of an OpenPGP key. We require the key to be signed by two or more Debian Developers to make reasonably sure that you are who you claim to be. This is called "web of trust". If you are curious, you can check the status of your key in the global web of trust here. We also have some requirements on the key itself: it needs to be version 4 or later, it must not use DSA and it should be at least 4096 bits long (2048 bits are acceptable only in exceptional circumstances). Please enter the fingerprint of your OpenPGP key in the "Fingerprint" field below, press "Check" and I will check it for you now while you keep reading the page. For your convenience, I will also try to autofill many fields in this page based on the first User ID in your key. Fingerprint: `---- Except, the web of trust is quite in tatters these days. While it still does exist, Debian's default for gpg keyserver has moved to a place that: 1. is not connected to the WoT 2. doesn't carry signatures Thus, this section would need to either: * say where to upload the key to (--keyserver), or * accept a pubkey directly Meow! -- System Information: Debian Release: bullseye/sid APT prefers unstable-debug APT policy: (500, 'unstable-debug'), (500, 'unstable'), (500, 'stable'), (150, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.6.3-00077-gc06a93bc6b33 (SMP w/6 CPU cores) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init)
