Package: nm.debian.org Severity: wishlist Hello,
we currently spend considerable effort looking in the mailboxes for signed SC+DMUP agreements. This can be automated by introducing the concept of "verified key fingerprints", where a user can paste a signed agreement into the site, and the site checks the signature and the text and marks the fingerprint as verified. This would both automate some more of the procedure, and allow to carry over the verification from the DM process to the DD process if the key does not change. It would also implement one step for applying as a DM via nm.debian.org. Possible implementation steps are: - Create a new Fingerprint model, with a ForeignKey to Person. - The Fingerprint model has a boolean value for "verified" - The Fingerprint model also has a boolean value for "removed", to mark keys that have been revoked or are not used anymore. There can be only one non-removed key for each Person. In the site, fingerprints are shown differently if they are validated or not. The owner of the fingerprint can click on a non-validated fingerprint to validate it. The validation page generates a string to be signed verbatim, along the lines of "Today is YYYY-MM-DD and My name is $NAME. I have read and I agree to uphold the Debian Social Contract and the Debian Free Software Guidelines in my Debian work. I have also read the Debian Machine Usage Policy, and I accept them." It can even be presented as a shell snippet to be copypasted and executed. The resulting clearsigned message can be copypasted into a web form and submitted. Upon submission, the site can check the signature, check that the contents of the text have not been altered, and mark the key as verified. Enrico -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.1.0-1-amd64 (SMP w/4 CPU cores) Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)