On Fri, 25 Mar 2011 09:53:01 +0100 "Andreas K. Huettel" <dilfri...@gentoo.org> wrote:
> Of course now we can add additional requirements: > > * The key must have an userid that refers to an official Gentoo > e-mail address. E.g. dilfri...@gentoo.org I think this is pretty useless assuming we're already wanting to limit the amount of keys trusted to a specific list. > * The userid should have some specific "default string" in its > comment field, like "Gentoo manifest signing key". What's the point of this? I don't see a reason to enforce a dev to have a dedicated Manifest signing key, and even more I don't see a reason to add such comments to normal keys. -- Best regards, Michał Górny
signature.asc
Description: PGP signature