On Sun, 23 Feb 2014, Marco d'Itri wrote: > gw...@gwolf.org wrote: > >So, what do you suggest? > Persuade developers that they should sign the new key of people whose > old key they have already signed, with no need to meet them in person. > > (Also, my keyring update request has been waiting for 3 weeks now to be > processed.)
No. But they should try to sign all[1] keys they had signed with their old key (VERY BIG difference) for which the reason of the signature still remains valid. Anyone has a script to find out the full keyid of all keys that have been signed by a specific [full] keyid? [1] well, I'd skip signing anything below 2048R or expired, *and* require e-mail address verification to weed out expired UIDs somewat. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-project-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20140223155409.gb28...@khazad-dum.debian.net
