On 08/30/2010 04:34 PM, Joerg Jaspert wrote: > And this needs an own package because of ________________________ > > Sounds like it should be in signing-party instead.
Indeed it very well may want to be part of signing-party when it grows up... The primary rationale for it being separate now includes: 1. As this tool is making assertions about signature strength which important to our web of trust it is recommended that this tool get peer testing and review on it's own (as to avoid versioning signing-party at this early stage). 2. It has been suggested that the correct implementation of this tool is to read the keyring directly -- instead of using gpg -- in which case the implementation may change significantly. If these goals should be accomplished without creating a separate package I would be happy to pursue that approach. Respectfully, --Tom -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
