Hello, On Fri 04 Apr 2025 at 12:41pm -06, Gunnar Wolf wrote:
> We see ourselves as an operational team, but not as a decision-making team,
> except when it comes to determining i.e. a given category of keys is no
> longer trustable (as we did back in 2014). Thus, we will be happy to add
> what would amount to a role key, or a fourth active keyring, following the
> instructions given by the relevant delegates (that would most certainly be
> the DSA and/or ftpmaster teams).
Thanks for your reply.
Wouldn't the relevant delegates be Ian and I? Our delegation says:
Maintaining and managing the tag2upload system design and security
policy, including for the tag2upload services's archive signing key.
(This key has equivalent permissions for source-only uploads to the
Debian archive as does an uploading Debian Developer's upload
signing key.)
--
Sean Whitton
signature.asc
Description: PGP signature
