Hello Ian, Ian Jackson dijo [Fri, Apr 04, 2025 at 12:49:45PM +0100]:
(...) As you write:By including it in the official debian keyring package, we get some historic accountability of which keys were used. You also get a way to phase in new keys and phase out old keys.keyring-maint, would you welcome an MR for this?
[ I have not discussed this with the rest of the keyring-maint team, but based on our past interactions, believe am representing the team's position ] We see ourselves as an operational team, but not as a decision-making team, except when it comes to determining i.e. a given category of keys is no longer trustable (as we did back in 2014). Thus, we will be happy to add what would amount to a role key, or a fourth active keyring, following the instructions given by the relevant delegates (that would most certainly be the DSA and/or ftpmaster teams). Greetings,
signature.asc
Description: PGP signature
