Aug 9, 2022, 13:02 by mich...@niedermayer.cc: > On Tue, Aug 09, 2022 at 12:59:52PM +0200, Michael Niedermayer wrote: > >> On Tue, Aug 09, 2022 at 12:36:53AM +0200, Michael Niedermayer wrote: >> > On Mon, Aug 08, 2022 at 09:26:52PM +0200, Lynne wrote: >> > > Aug 8, 2022, 16:50 by mich...@niedermayer.cc: >> > > >> > > > Given the recent server issues, i wonder if we should suggest/recommand >> > > > and document signing commits and tags >> > > > >> > > > i tried to push such commit to github and it nicely says "verified" >> > > > https://github.com/michaelni/FFmpeg/commit/75f196acd16fb0c0ca7a94f0c66072e7c6f736bf >> > > > >> > > > Ive generated a new gpg key for this experiment as i dont have my >> > > > main key on the box used for git development and also using more >> > > > modern eliptic curve stuff (smaller keys & sigs) >> > > > i will upload this key to the keyservers in case it becomes the >> > > > one i use for git. >> > > > >> > > >> > > I sign all of my commits, >> > >> > I didnt notice, but thats good as it also proofs it works with no ill >> > sideeffects >> > >> > Where can i find your public key ? it seems its not on the keyservers i >> > checked >> >> Your key seems only on openpgp.org but that strips userids unless the owner >> approves it >> (i presume for GDPR) making the key not work >> >> gpg --keyserver hkps://keys.openpgp.org --recv-keys >> FE50139C680572CAFD521F8DA2FEA5F03F034464 >> gpg: key A2FEA5F03F034464: no user ID >> gpg: Total number processed: 1 >> >> gpg --list-keys FE50139C680572CAFD521F8DA2FEA5F03F034464 >> gpg: error reading key: No public key >> >> gpg --recv-keys FE50139C680572CAFD521F8DA2FEA5F03F034464 >> gpg: keyserver receive failed: No data >> > > found your key with google here: > https://lynne.ee/extra/A2FEA5F03F034464.asc >
I just pushed it to keyserver.ubuntu.com, the only still working server I found, surprisingly. Seems a few months ago sks (a protocol/sever? to share keys between servers) was deprecated and most servers went down, and the GDPR also took some out. Sad. There's some work done to make a new protocol/server apparently. I'm very sure I pushed my key to the MIT server back when I made it in 2019, but that server also seems like it's forgotten my key and not accepting it. I once imported all maintainer keys listed in MAINTAINERS and found many were revoked (I think compn's), while some used triple DES. The oldest key I found for a maintainer is actually Nicolas George's key, a triple DES from 2001! Maybe we should clean up the list of keys. _______________________________________________ ffmpeg-devel mailing list ffmpeg-devel@ffmpeg.org https://ffmpeg.org/mailman/listinfo/ffmpeg-devel To unsubscribe, visit link above, or email ffmpeg-devel-requ...@ffmpeg.org with subject "unsubscribe".
