Thomas Viehmann <[EMAIL PROTECTED]> writes: > Russ Allbery wrote: >> Assuming the e-mail address on keys is mailable is also a bit dodgy, >> and which of the multiple identities on a key would one use?
> The one that is stored associated to the account (DM or ldap and @d.o). I suppose that most of the time you'll get lucky and one of the key uids will match LDAP, but you still lose on DMs. And it's certainly not required that one of the key uids matches anything in LDAP. > It's not that hard actually, after all, it has already been checked that > the signature is from a known uploader. By checking against a keyring, which still doesn't tell you which uid to use for contact information. Remember, when the parsing of *.changes failed, you don't have any of the metadata for the package, since you can't trust the results of a failed parse. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
