On Thu, Aug 28, 2003 at 10:06:16AM +0200, Thomas -Balu- Walter wrote:
> On Wed, Aug 27, 2003 at 08:19:44PM +0200, Thorsten Sauter wrote:
[...]
>> dpkg-buildpackage tries to sign the package with your name, which is
>> used in the debian/changelog file. You can change the name (and email)
>> in this file to the name which is used for your gpg key.
> The eMail is correct, but the name differs :-). Thats why I was curious
> why dpkg-buildpackage not only uses the eMail-address to check for keys.
> But thats not a problem as long as I can use -k to choose a key.
[...]
It is a feature, people might have two different secret keys, one used
only for Debian "John Doe 'Debian package key' <[EMAIL PROTECTED]>" and
another one for his private mail "John Doe 'private'
<[EMAIL PROTECTED]>".
BTW I _never_ let dpkg-buildpackage do the signing of the package,
because I usually rebuild the package many times before I think it is
fit for release and signing these unreleased packages is a big waste of
time (and my gpg passphrase is rather long). I use
dpkg-buildpackage -uc -us -sd -rfakeroot
and afterwards sign the package with
debsign -k8B8D7663 bar_0.8-15_i386.changes
cu andreas
--
"See, I told you they'd listen to Reason," [SPOILER] Svfurlr fnlf,
fuhggvat qbja gur juveyvat tha.
Neal Stephenson in "Snow Crash"
