James Troup <[EMAIL PROTECTED]> writes: > New maintainer is not a problem; as soon as GNUpg is in place, we'll > just insist maintainers use it (as opposed to insisting they use > non-free software).
Good. I haven't investigated gpg yet, but as long as it works (of course "works" for a program like this is far beyond my expertise to evaluate), this is the right thing to do. > But this will bite lots of current maintainers who try to build > packages and get flummoxed when build/dpkg-buildpackage starts moaning > "gpg command not found" and they then have to be told to do -ppgp. If > pgp stays as default we have to tell all new maintainers to use -pgpg > because their PGP keys won't be in the Debian keyring. It's not a > nice situation, and I would like to hear what others think. 1) Make gpg the default, and advertise it on debian-devel. This will just cause a short-term confusion. 2) Put a test into dpkg-buildpackage like: (if (exists? "gpg") (use "gpg") (use "pgp")) > This means forcing all > developers to generate gnupg keys; Big deal. Unless there are security concerns with gpg, let's do it...now. -- Rob Browning <[EMAIL PROTECTED]> PGP=E80E0D04F521A094 532B97F5D64E3930 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
