Severity: wishlist
Tags: moreinfo

Since the SKS network is in a sorry state, it's getting more difficult
to fetch a specific OpenPGP certificate reliably.

A solution, since nm2 is already has access to a copy of the certificate
to validate statements, etc, would be to pass it in full to
keyring-maint, instead of just passing the fingerprint.

This could be done a specifically-named attachement to the RT ticket.
Furthermore, the fingerprint should stay in the signed message body as a
validation method that the attachment is valid.  The attached
certificate should be properly trimmed, without revoked/expired/invalid
uids or irrelevant third-party certifications.

I'm CCing keyring-maint on this, since this is just a proposal and needs
proper discussion to check the feasibility on their side before being

                        Mattia Rizzolo

GPG Key: 66AE 2B4A FCCF 3F52 DA18  4D18 4B04 3FCD B944 4540      .''`.
More about me:                             : :'  :
Launchpad user:                  `. `'`
Debian QA page:  `-

Attachment: signature.asc
Description: PGP signature

Reply via email to