On Fri, 11 Jun 2010 22:39:02 +0300 George Danchev <[email protected]> wrote:
> Tony Houghton writes: > > I'm a sponsored maintainer (of roxterm) and I've just approached a local > > DD to have my key signed. He pointed out that SHA1-generated keys are > > deprecated so I should probably generate a new, more secure, key. As my > > old key is already presumably "in the system" due to existing versions > > of roxterm, how should I go about replacing it with a new one? > > There is nothing to replace. Your source package always gets rebuilt by your > sponsors and signed by their own gpg key, i.e. they are responsible for the > upload in the same way they are responsible for their own packages uploads. > You can check that out with 'who-uploads source_package_name'. OK, that makes sense. -- TH * http://www.realh.co.uk -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
