Goswin von Brederlow wrote:
> Thomas Viehmann <[EMAIL PROTECTED]> writes:
>
>
>>Goswin von Brederlow wrote:
>>
>>>Having a new-maintainer keyring, to which keys could get added by any
>>>AM after it has been verified, and checking the signature on the dsc
>>>files against it sounds good to. And the keyring would be usefull for
>>>other purposes too.
>>
>>Why not just check if the key is signed by a key in the debian keyring?
^^^ the key, not the package
>>This could be done completely automatically.
> Because then you would need a DD sponsoring your uploading sources to
> the sponsoring pool be sponsored by a DD after build.
> The check is ment for the source so as not to build just anything.I'd think you misunderstood me, but it might be vice versa... Cheers T. -- Thomas Viehmann, <http://beamnet.de/tv/>
pgp00000.pgp
Description: PGP signature
