[pkg-fso-maint] GPG key expired
Joachim Breitner
nomeata at debian.org
Wed Aug 12 19:52:29 UTC 2009
Hi,
Am Mittwoch, den 12.08.2009, 17:43 +0100 schrieb Enrico Zini:
> On Sun, Aug 09, 2009 at 05:00:01PM +0200, Joachim Breitner wrote:
> > thanks for the notice, I removed the expiry date from the key. I guess
> > you’ll need to re-import it from
> > http://pkg-fso.alioth.debian.org/pkg-fso-repository-key.gpg
>
> Is it just me, or the key has not been signed by any DD?
>
> Command> check
> uid pkg-fso Archive Automatic Signing Key <pkg-fso-maint at lists.alioth.debian.org>
> sig!3 8E7B323B 2009-08-09 [self-signature]
>
> If yes, why? Can I see at least a signed message with the right
> fingerprint for the archive key?
hmm, maybe because it is not meant to be a very secure key? It’s
basically a convenience to avoid the apt warnings about unsigned
sources, otherwise we rely on alioth’s security. (Just guessing, Phil
set up the repository originally, IIRC).
Greetings,
Joachim
--
Joachim "nomeata" Breitner
Debian Developer
nomeata at debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C
JID: nomeata at joachim-breitner.de | http://people.debian.org/~nomeata
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://lists.alioth.debian.org/pipermail/pkg-fso-maint/attachments/20090812/d6099465/attachment.pgp>
More information about the pkg-fso-maint
mailing list