Re: Updated Debian Developers Keyring
Luk Claes [EMAIL PROTECTED] writes: Adeodato Simó wrote: * Joey Schulze [Fri, 18 Apr 2008 15:01:23 +0200]: Anthony Towns wrote: vanicat Added key: 9EBC79C5CECE61149C26FBD84669AAFCD09E8C0B vdanjean Added key: E71009150981FCD28A0BCA657EC8E2E36CC838D5 Do we now allow people who don't provide their realname to upload packages? Uh? The listing you quoted doesn't include their names, but you can of course read them in db.d.o, getent, or the keyring. (The reason why the listing didn't include the names is, I presume, because the code to generate it was different, and not prepared for that, as opposed to the names not being available.) It looks more logical to assume that these are existing DDs where a key was added... (so we should already know their real names ;-)) while the others are new DDs... I confirm that I and Vincent Danjean have keys in the keyring for some time now. I cannot say for others on this list, but I believe it's the same -- Rémi Vanicat -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Updated Debian Developers Keyring
Anthony Towns wrote: Not really an automated mail, but we can pretend. The following changes to the Debian keyring have been made: andete Added key: 062A20ADA62FF34A0DBE6FCD2A75E4D1B59BD712 [..] brlink Added key: 36471231FCDCB7A7DBBA935D5B3229580F1D92DA [..] micah Added key: 1130178AD4E90683B09B1EFF74905C458A5F4DA1 [..] toots Added key: 0872F2B38DEF6C06187342BD00B969AA1CA95D19 vanicat Added key: 9EBC79C5CECE61149C26FBD84669AAFCD09E8C0B vdanjean Added key: E71009150981FCD28A0BCA657EC8E2E36CC838D5 Do we now allow people who don't provide their realname to upload packages? Regards, Joey -- Never trust an operating system you don't have source for! -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Updated Debian Developers Keyring
* Joey Schulze [Fri, 18 Apr 2008 15:01:23 +0200]: Anthony Towns wrote: Not really an automated mail, but we can pretend. The following changes to the Debian keyring have been made: andete Added key: 062A20ADA62FF34A0DBE6FCD2A75E4D1B59BD712 [..] brlink Added key: 36471231FCDCB7A7DBBA935D5B3229580F1D92DA [..] micah Added key: 1130178AD4E90683B09B1EFF74905C458A5F4DA1 [..] toots Added key: 0872F2B38DEF6C06187342BD00B969AA1CA95D19 vanicat Added key: 9EBC79C5CECE61149C26FBD84669AAFCD09E8C0B vdanjean Added key: E71009150981FCD28A0BCA657EC8E2E36CC838D5 Do we now allow people who don't provide their realname to upload packages? Uh? The listing you quoted doesn't include their names, but you can of course read them in db.d.o, getent, or the keyring. (The reason why the listing didn't include the names is, I presume, because the code to generate it was different, and not prepared for that, as opposed to the names not being available.) Cheers, -- Adeodato Simó dato at net.com.org.es Debian Developer adeodato at debian.org Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian W. Kernighan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Updated Debian Developers Keyring
On Fri, Apr 18, 2008 at 07:53:15AM +0200, Andreas Tille wrote: On Fri, 18 Apr 2008, Anthony Towns wrote: The following changes to the Debian keyring have been made: May I guess that this good news is somehow connected to [1]? If yes, thanks once more to our former DPL! I don't see any evidence of it: [EMAIL PROTECTED]:~$ ls -l /srv/keyring.debian.org/pub/keyrings/ total 28056 -rw-r--r-- 1 troup root 25393210 Apr 17 19:13 debian-keyring.gpg -rw-r--r-- 1 troup root 949211 Apr 17 19:13 debian-keyring.pgp -rw-r--r-- 1 troup root 4924 Apr 17 19:13 debian-role-keys.gpg -rw-r--r-- 1 troup root 583785 Apr 17 19:13 emeritus-keyring.gpg -rw-r--r-- 1 troup root 104871 Apr 17 19:13 emeritus-keyring.pgp -rw-r--r-- 1 troup root26468 Apr 17 19:13 extra-keys.pgp -rw-r--r-- 1 troup root 1232873 Apr 17 19:13 removed-keys.gpg -rw-r--r-- 1 troup root 366193 Apr 17 19:13 removed-keys.pgp [EMAIL PROTECTED]:~$ groups joerg noodles joerg : Debian webwml nm newmaint qa debadmin planet ftpteam noodles : Debian keyring Over the past few years (2005, 2006 and 2007 at least), there's been a keyring update during the DPL election period; this one's not long after that. It might likewise be correlated with the Ubuntu .04 releases. Cheers, aj signature.asc Description: Digital signature
Re: Updated Debian Developers Keyring
On Fri, Apr 18, 2008 at 05:31:01PM +1000, Anthony Towns wrote: Over the past few years (2005, 2006 and 2007 at least), there's been a keyring update during the DPL election period; this one's not long after that. It might likewise be correlated with the Ubuntu .04 releases. A German would be inclined to say Das hat ein Geschmäckle. I tend to question what the DPL election and an Ubuntu release has to do with creating new DDs. The former may be interpreted as they keyring manager doesn't want the new DDs to vote in the DPL election, the latter as the keyring manager is too busy with his paid work to do his Debian duties, both of which I'd see as a reason to fire the keyring manager. Greetings Marc -- - Marc Haber | I don't trust Computers. They | Mailadresse im Header Mannheim, Germany | lose things.Winona Ryder | Fon: *49 621 72739834 Nordisch by Nature | How to make an American Quilt | Fax: *49 3221 2323190 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Updated Debian Developers Keyring
On Fri, Apr 18, 2008 at 05:31:01PM +1000, Anthony Towns wrote: [EMAIL PROTECTED]:~$ ls -l /srv/keyring.debian.org/pub/keyrings/ total 28056 -rw-r--r-- 1 troup root 25393210 Apr 17 19:13 debian-keyring.gpg -rw-r--r-- 1 troup root 949211 Apr 17 19:13 debian-keyring.pgp -rw-r--r-- 1 troup root 4924 Apr 17 19:13 debian-role-keys.gpg -rw-r--r-- 1 troup root 583785 Apr 17 19:13 emeritus-keyring.gpg -rw-r--r-- 1 troup root 104871 Apr 17 19:13 emeritus-keyring.pgp -rw-r--r-- 1 troup root26468 Apr 17 19:13 extra-keys.pgp -rw-r--r-- 1 troup root 1232873 Apr 17 19:13 removed-keys.gpg -rw-r--r-- 1 troup root 366193 Apr 17 19:13 removed-keys.pgp [EMAIL PROTECTED]:~$ groups joerg noodles joerg : Debian webwml nm newmaint qa debadmin planet ftpteam noodles : Debian keyring .oO( what's the purpose of keyring group if files are troup:root ? ) SCNR -- Stefano Zacchiroli -*- PhD in Computer Science ... now what? [EMAIL PROTECTED],cs.unibo.it,debian.org} -%- http://upsilon.cc/zack/ (15:56:48) Zack: e la demo dema ?/\All one has to do is hit the (15:57:15) Bac: no, la demo scema\/right keys at the right time signature.asc Description: Digital signature
Re: Updated Debian Developers Keyring
On Fri, 18 Apr 2008, Anthony Towns wrote: I don't see any evidence of it: [EMAIL PROTECTED]:~$ ls -l /srv/keyring.debian.org/pub/keyrings/ total 28056 -rw-r--r-- 1 troup root 25393210 Apr 17 19:13 debian-keyring.gpg -rw-r--r-- 1 troup root 949211 Apr 17 19:13 debian-keyring.pgp -rw-r--r-- 1 troup root 4924 Apr 17 19:13 debian-role-keys.gpg -rw-r--r-- 1 troup root 583785 Apr 17 19:13 emeritus-keyring.gpg -rw-r--r-- 1 troup root 104871 Apr 17 19:13 emeritus-keyring.pgp -rw-r--r-- 1 troup root26468 Apr 17 19:13 extra-keys.pgp -rw-r--r-- 1 troup root 1232873 Apr 17 19:13 removed-keys.gpg -rw-r--r-- 1 troup root 366193 Apr 17 19:13 removed-keys.pgp [EMAIL PROTECTED]:~$ groups joerg noodles joerg : Debian webwml nm newmaint qa debadmin planet ftpteam noodles : Debian keyring H, what really concerns me is that I do not even see evidence that the fact stated in [1] is even implemented. Over the past few years (2005, 2006 and 2007 at least), there's been a keyring update during the DPL election period; this one's not long after that. It might likewise be correlated with the Ubuntu .04 releases. This might be a nice way how Ubuntu gives back to Debian: Enable Ubuntu employees to do some volunteer work in Debian after having done the really important stuff. shrug Kind regards Andreas. [1] http://lists.debian.org/debian-devel-announce/2008/04/msg7.html -- http://fam-tille.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Updated Debian Developers Keyring
On Fri, Apr 18, 2008 at 09:58:37AM +0200, Andreas Tille wrote: H, what really concerns me is that I do not even see evidence that the fact stated in [1] is even implemented. Here is the evidence: [EMAIL PROTECTED]:~$ groups joerg | grep -q debadmin echo '\o/' \o/ ( though it has nothing to do with keyring ) -- Stefano Zacchiroli -*- PhD in Computer Science ... now what? [EMAIL PROTECTED],cs.unibo.it,debian.org} -%- http://upsilon.cc/zack/ (15:56:48) Zack: e la demo dema ?/\All one has to do is hit the (15:57:15) Bac: no, la demo scema\/right keys at the right time signature.asc Description: Digital signature
Re: Updated Debian Developers Keyring
On Fri, 18 Apr 2008, Stefano Zacchiroli wrote: On Fri, Apr 18, 2008 at 09:58:37AM +0200, Andreas Tille wrote: H, what really concerns me is that I do not even see evidence that the fact stated in [1] is even implemented. Here is the evidence: [EMAIL PROTECTED]:~$ groups joerg | grep -q debadmin echo '\o/' \o/ ( though it has nothing to do with keyring ) But you was asking yourself: what's the purpose of keyring group if files are troup:root ? So I fail to see how the current setup enables joerg to change the keyring which means things are not fully implemented - in whatever group different from root he is, right? Kind regards Andreas. -- http://fam-tille.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Updated Debian Developers Keyring
On Fri, Apr 18, 2008 at 11:00:33AM +0200, Andreas Tille wrote: So I fail to see how the current setup enables joerg to change the keyring which means things are not fully implemented - in whatever It does not (well, AFAIK it does not). According to my reading, the delegations were not related to keyring management. -- Stefano Zacchiroli -*- PhD in Computer Science ... now what? [EMAIL PROTECTED],cs.unibo.it,debian.org} -%- http://upsilon.cc/zack/ (15:56:48) Zack: e la demo dema ?/\All one has to do is hit the (15:57:15) Bac: no, la demo scema\/right keys at the right time signature.asc Description: Digital signature
Re: Updated Debian Developers Keyring
The keyring part isn't as easy. The problem is that the keyring isn't maintained collaboratively. jetring has been developed for exactly this use case, but I've heard (discussion on #debian-devel) that some people considered jetring a mess (I don't have details about specific problems though). jetring has some useful and interesting ideas, but the main complaint I'd have about it as a method of managing keyrings is that it takes on various roles that are already provided by the underlying VCS and this duplication makes it more complex than necessary. It also stores keys as their ASCII armoured versions, which I can see little benefit to. If you store keys as individual binary blobs then the process of assembling the complete keyring can be achieve with cat. jetring obviously works for the people managing the Debian Maintainer's keyring, but that doesn't mean that it'll work for everyone. J. -- Web [ Sorry for the inconvenience. ] site: http:// [ ] Made by www.earth.li/~noodles/ [ ] HuggieTag 0.0.23 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: Updated Debian Developers Keyring
Jonathan McDowell wrote: jetring has some useful and interesting ideas, but the main complaint I'd have about it as a method of managing keyrings is that it takes on various roles that are already provided by the underlying VCS and this duplication makes it more complex than necessary. This is a complaint that I have about quilt and similar patch systems, but I do not call them a mess on #debian-devel. I accept that some people might have reasons to like these complications that do things that could be done by a VCS. Calling jetring complex is a bit of a mismoner, given that it consists of a mere 690 lines of code. That's 6x less code than ls.c; it's actually less code than is present in cat.c ... It also stores keys as their ASCII armoured versions, which I can see little benefit to. If you store keys as individual binary blobs then the process of assembling the complete keyring can be achieve with cat. jetring changesets include various metadata. Storing binary blobs in files along with textual metadata is not very appealing. The concept of a changeset that represents any possible single change to a keyring is rather more useful than just catting binary files together. It allows for changesets that remove or modify keys, not just the addition of new keys. It allows workflows where changesets are created by third parties and mailed in for review. jetring obviously works for the people managing the Debian Maintainer's keyring, but that doesn't mean that it'll work for everyone. That could be said about any tool ever developed. However, jetring was developed explicitly based on the ideas that James described for a tool to help manage the Debian keyring, and was initially tested using the Debian keyring, so I certianly believe it would be effective there. Unfortunatly, James has never replied to any of my mails about it. -- see shy jo signature.asc Description: Digital signature
Re: Updated Debian Developers Keyring
On Fri, 18 Apr 2008, Anthony Towns wrote: The following changes to the Debian keyring have been made: May I guess that this good news is somehow connected to [1]? If yes, thanks once more to our former DPL! Kind regards Andreas. [1] http://lists.debian.org/debian-devel-announce/2008/04/msg7.html -- http://fam-tille.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]