On 20/02/12 03:15, Pierre Schmitz wrote: > Hello, > > as you know do you not only have to sign your package but also use a > fully trusted key for this. There are a few developers and trusted users > which are no longer able to publish packages due to this policy. I would > suggest we set them as "inactive" in archweb, disable their ssh access > and orphan their packages and bug reports. Don't get me wrong though; I > don't want to kick anybody out and I'd be more than happy to welcome any > of those back to our team. But if people are (temporary) inactive we > need to know. > > Here is a list of people which didn't upload a gpg key to archweb at > all. The had several months to do so and didn't reply to an additional > mail I had sent in November last year. > > Dale Blount > Aaron Griffin > Tobias Kieslich > Paul Mattal > Mateusz Herych > Imanol Celaya > > The following people have a key but it is not fully trusted. That means > their keys are not signed by at least three master keys. > > Kaiting Chen > Kevin Piche > Vesa Kaihlavirta > > If anybody know anything about the status of these fellow let me know. > The first group can be set to inactive right away imho. I already talked > to Vesa and he promised to get the missing signature soon.
Ack. I sent them all two emails to get their key signed too. None of those are that surprising. Probably should keep ssh access for Aaron as I believe he pops in once in a while even though he does not Allan
