Re: Debian package: signing-key.asc
On 13 Oct 2017, at 10:44, Kambiz Darabi wrote: Hello, there are questions from the Debian dev who helps publishing the package about the signing key which is in the debian/ subtree. Can someone please comment? Thank you Kambiz Hm. Is this because you are grabbing tar balls from there, and Debian would like to see those tar balls signed? I should probably modify the make script for releasing to make a pop signature for the tar balls and upload it. I don't really have the capability of going back to regenerate and sign the old tar balls I'm afraid. And anyway, I simply won't do it. I have no idea what key is stored at debian Cheers, r - Forwarded Message - From: "Sébastien Villemot"To: "Kambiz Darabi" Cc: 878...@bugs.debian.org Sent: Friday, 13 October, 2017 5:07:45 PM Subject: Re: Bug#878167: RFS: cl-asdf/3.3.0 - Another System Definition Facility Also, there is a GPG key under debian/upstream/signing-key.asc, but I see no signature on upstream website (https://common-lisp.net/project/asdf/archives/). Am I missing something? Or should the key be removed? Thanks, -- ⢀⣴⠾⠻⢶⣦⠀ Sébastien Villemot ⣾⠁⢠⠒⠀⣿⡁ Debian Developer ⢿⡄⠘⠷⠚⠋⠀ http://sebastien.villemot.name ⠈⠳⣄ http://www.debian.org
Debian package: signing-key.asc
Hello, there are questions from the Debian dev who helps publishing the package about the signing key which is in the debian/ subtree. Can someone please comment? Thank you Kambiz - Forwarded Message - From: "Sébastien Villemot"To: "Kambiz Darabi" Cc: 878...@bugs.debian.org Sent: Friday, 13 October, 2017 5:07:45 PM Subject: Re: Bug#878167: RFS: cl-asdf/3.3.0 - Another System Definition Facility Also, there is a GPG key under debian/upstream/signing-key.asc, but I see no signature on upstream website (https://common-lisp.net/project/asdf/archives/). Am I missing something? Or should the key be removed? Thanks, -- ⢀⣴⠾⠻⢶⣦⠀ Sébastien Villemot ⣾⠁⢠⠒⠀⣿⡁ Debian Developer ⢿⡄⠘⠷⠚⠋⠀ http://sebastien.villemot.name ⠈⠳⣄ http://www.debian.org -BEGIN PGP SIGNATURE- iQIzBAABCAAdFiEEU5UdlScuDFuCvoxKLOzpNQ7OvkoFAlng1sEACgkQLOzpNQ7O vkr1GxAAkOEUhLmOOHxIQE6/WWIWz5cxj77/Z3Dv2b6uHrljrS+GCWivzzcii9MD yJ3bjdj793MAVK4cXbLywxP5ZXQ9Aw65FuV+mi3kNa9lw3bvNFIbqsyckSgcL5Iz Q7BzUOyJiWOLVe7gOuTlHNDa+0eOvk0pycZ2QFI4nT7harAvj+9rlQW8IL7WwoDX XYDWD7TogpMDRBf0EUb32vYF2lVZomlO9KCU/mD3OmUnxmb9Zfwc23dsJcXCOcMZ 2d67F8sr0fuDZBgpPOHmPU2/+tr7GGlGNQoULML2D2XCawMK0LNBU+JfzZbOY0N/ br1yuIjhEbIlamId+/0q6aMcBZJGh+FxsEZVXQL7ULIP3N6USnhnHghZUNK/NpbU JUZGkrWFnSwC6kH7prMrbB/Jjia+CWDqqa/QIUQm9ixPIUj4VvZ29rnBht9lPq34 HgAYtZb08Xk9JJ9odHHg4HA5wpGTN2W/4DEiHqLfjwZSa3L2aq8NqPglAuDfJr/L kuGHxDXNTahxZHuh5BTREC+vVZekC7kgORffHvfVDma+iypW0xp9z/YZMHpxcG+z ZDDq8TDyOm2S4yIZDpc/LUbZnZyg4OnVDFC8JMMDt7HnD5otOe26HLlucXaPX3e3 9oJ7FnC13StJqdpwdG4NwlOQucl2S50ub0BNG4VJqQZgKibWp+I= =wDBH -END PGP SIGNATURE-