Debian package: signing-key.asc
Robert Goldman
rpgoldman at sift.info
Fri Oct 13 16:30:12 UTC 2017
On 13 Oct 2017, at 10:44, Kambiz Darabi wrote:
> Hello,
>
> there are questions from the Debian dev who helps publishing the
> package
> about the signing key which is in the debian/ subtree.
>
> Can someone please comment?
>
> Thank you
>
>
> Kambiz
Hm. Is this because you are grabbing tar balls from there, and Debian
would like to see those tar balls signed? I should probably modify the
make script for releasing to make a pop signature for the tar balls and
upload it.
I don't really have the capability of going back to regenerate and sign
the old tar balls I'm afraid. And anyway, I simply won't do it.
I have no idea what key is stored at debian
Cheers,
r
>
>
> ----- Forwarded Message -----
> From: "Sébastien Villemot" <sebastien at debian.org>
> To: "Kambiz Darabi" <darabi at m-creations.com>
> Cc: 878167 at bugs.debian.org
> Sent: Friday, 13 October, 2017 5:07:45 PM
> Subject: Re: Bug#878167: RFS: cl-asdf/3.3.0 - Another System
> Definition Facility
>
> Also, there is a GPG key under debian/upstream/signing-key.asc, but I
> see no
> signature on upstream website
> (https://common-lisp.net/project/asdf/archives/).
>
> Am I missing something? Or should the key be removed?
>
> Thanks,
>
> --
> ⢀⣴⠾⠻⢶⣦⠀ Sébastien Villemot
> ⣾⠁⢠⠒⠀⣿⡁ Debian Developer
> ⢿⡄⠘⠷⠚⠋⠀ http://sebastien.villemot.name
> ⠈⠳⣄⠀⠀⠀⠀ http://www.debian.org
More information about the asdf-devel
mailing list