FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > ArchLinux > ArchLinux Development

 
 
LinkBack Thread Tools
 
Old 11-19-2011, 01:38 PM
Thomas Bächler
 
Default Developer / TU key signing, first master key available

Hello developers / TUs,

My Arch master key is available at [1] with fingerprint 6841 48BB 25B4
9E98 6A49 44C5 5184 252D 824B 18E8.

Every packager, please do the following:
1) Reply to this email to thomas@master-key.archlinux.org and fully
quote this email. Include your gerolde/sigurd username in the email.
Sign your reply using your GPG key.
2) Upload your public key (gpg --armor --export $KEYID) to your home
directory on gerolde/sigurd under the name $HOME/arch-linux-packager-key.
3) Name at least one package in the repositories already signed with
your key.

Sadly, this process will only prove that you are in posession of the ssh
key to upload packages into the repositories. I will contact you
personally afterwards if I need further identification.

Please note: there are be 5 master key holders (Allan, Dan, Pierre,
Ionut, me), and you need at least 3 signatures on your key so your
packages will be trusted by pacman.

Regards
Thomas

[1] https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
 
Old 11-23-2011, 06:13 PM
Dan McGee
 
Default Developer / TU key signing, first master key available

On Wed, Nov 23, 2011 at 10:12 AM, Pierre Schmitz <pierre@archlinux.de> wrote:
> Hi all,
>
> here is a little status update. So far I have issued 67 signatures in
> total for 36 Developers and Trusted Users. 10 people haven't reported
> back and another 11 haven't even managed to publish their key yet.
>
> I created a graph of our web of trust as it looks now (using sig2dot;
> thanks Dan):
> *https://users.archlinux.de/~pierre/tmp/sigs.png

What happened to the colors?

-Dan
 
Old 11-23-2011, 09:09 PM
Marek Otahal
 
Default Developer / TU key signing, first master key available

On Wednesday 23 of November 2011 17:12:44 Pierre Schmitz wrote:
> I created a graph of our web of trust as it looks now (using sig2dot;
> thanks Dan):
> https://users.archlinux.de/~pierre/tmp/sigs.png
I'm not sure how the graph should work, but it shows eg. Thomas B. three times!
--

Marek Otahal )
 
Old 11-25-2011, 02:58 PM
Jelle van der Waa
 
Default Developer / TU key signing, first master key available

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 19/11/11 15:38, Thomas Bächler wrote:
> Hello developers / TUs,
>
> My Arch master key is available at [1] with fingerprint 6841 48BB
> 25B4 9E98 6A49 44C5 5184 252D 824B 18E8.
>
> Every packager, please do the following: 1) Reply to this email to
> thomas@master-key.archlinux.org and fully quote this email. Include
> your gerolde/sigurd username in the email. Sign your reply using
> your GPG key. 2) Upload your public key (gpg --armor --export
> $KEYID) to your home directory on gerolde/sigurd under the name
> $HOME/arch-linux-packager-key. 3) Name at least one package in the
> repositories already signed with your key.
>
> Sadly, this process will only prove that you are in posession of
> the ssh key to upload packages into the repositories. I will
> contact you personally afterwards if I need further
> identification.
>
> Please note: there are be 5 master key holders (Allan, Dan,
> Pierre, Ionut, me), and you need at least 3 signatures on your key
> so your packages will be trusted by pacman.
>
> Regards Thomas
>
> [1]
> https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
>
1)
>
Sigurd username: jelle
3) Package signed: mashup, guifications, gcc-avr, openttd-opengfx


- --
Jelle van der Waa

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEcBAEBAgAGBQJOz7s+AAoJEMBghjN8UHc+GOIH/2wzfPiG8o2fNVo9L4s/AttR
jBNYygDIWft9udBmUFvvZ1HOkq4PttOdR/2SLZRu1TGfCj1U1U2bK1syJsi6ijzZ
6P3z/nMz6AiYqAmDkpoG5z/DxoPuVW7jzOzQaIUlRgV54TYmPB6v+YxPRanoxipH
uvZuOW/qZeRXD0sdXzZi/9oWWEAFOvKliElhqCqMnhVI5kA5cUAdWpraTFu8i374
94wOmH3GoesICUv8acIdEOMuz9KAAEE7DNKMlGhkJ9K7qUcVVo Fs+UgJjKRD/uUh
w+ZwAyy7XtwkXIGPtKTfYpbgthvj/JL40gzK00c/+SuY+AP96VbOS1DA0sdCcNI=
=tODX
-----END PGP SIGNATURE-----
 
Old 11-28-2011, 07:47 AM
Alexander Rødseth
 
Default Developer / TU key signing, first master key available

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

1)
My sigurd username: arodseth

Fully quoted email:

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
- --------------enigB712A60E69DF712BED1984DD
Content-Type: text/plain; charset=ISO-8859-15
Content-Transfer-Encoding: quoted-printable

Hello developers / TUs,

My Arch master key is available at [1] with fingerprint 6841 48BB 25B4
9E98 6A49 44C5 5184 252D 824B 18E8.

Every packager, please do the following:
1) Reply to this email to thomas@master-key.archlinux.org and fully
quote this email. Include your gerolde/sigurd username in the email.
Sign your reply using your GPG key.
2) Upload your public key (gpg --armor --export $KEYID) to your home
directory on gerolde/sigurd under the name $HOME/arch-linux-packager-key.=

3) Name at least one package in the repositories already signed with
your key.

Sadly, this process will only prove that you are in posession of the ssh
key to upload packages into the repositories. I will contact you
personally afterwards if I need further identification.

Please note: there are be 5 master key holders (Allan, Dan, Pierre,
Ionut, me), and you need at least 3 signatures on your key so your
packages will be trusted by pacman.

Regards
Thomas

[1] https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.=
asc


- --------------enigB712A60E69DF712BED1984DD
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCAAGBQJOx79MAAoJEChPw0yOSxolOPsP/R/2QK61FQy/52NpInrZpNls
VRFYpeQZo+/xY8cYIdXEiooo3/OIBe2uplESq8GJY/2jH9WgF9EztxR9VJCK8neG
RjTubBDUGoYNF1x4clVc0tEnHsA1QLIT1PtQav5ZlquAQ00mfR qsFGhazD515p1/
bQ6OvWBX2I/Pa2lK8BuWfJooCdZtb8cBvSFripwY8svcLlQPAXI0R9Rxh4vxF 1k/
OIDvPr5eIN6eQOgKDy6Wt1poSDirS7AXORsAOmSBSz6j1+i0wU 07wvtubC1YFZO+
cUMQS5sWw5Uu6s0Ot4EhAadUvRoJUxr7kCnreWMPA9+QPWUElH 6J9tynX9pncxjy
pWTZCO3c3pHrBEyrYwpFOua9RXjjwWILZWwAbzeCpzkmhR2O6Q +kfRABDY8cTf2u
Pmmp0wsmgQ6pIzIAlWIz87wr8mqJkLc7ajB0DMbEj1XvniENt0 8IBS/GHFCh0zQI
m6yDlIH8+bSZezoH647/497T2P4XMDLH8hXLwz8LUeUcpTQQLKxAA/SYS1lyrjxY
cakh4Tf+tYPdUnnJbKKQuknmLghicqBq5POUjxIx919BOUpIkh B2SYDFO12JqgFX
Qb2mvnui+8kCdsCB/GtkEDtwE5zH0bgiwjRg/BAtKcRFVF+bZQJdOy9KnF4Ni8xF
lmekf5uEm4DKQhmzXhm7
=jmgm
- -----END PGP SIGNATURE-----

- --------------enigB712A60E69DF712BED1984DD--

2)
/home/arodseth/arch-linux-packager-key is available on sigurd

3)
signed: geany, haddock

Thanks.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBAgAGBQJO00ptAAoJEPzzyMtc+cjUaRYH/R2qFMKAijCbiJHAjKNhIsQC
B/DvZKbyJK9bnMDBVmkhW3p7HAhpG8Kb7c+7CGkLPGIfhs4Epxe2 F93AL25DIg3o
XF/4d9OUlPP9MXCjpi4N3/KI0DA+m2FL41gkI9vkrJay/k74MPCsyQXUhNgpl4PW
Y5FtFLWeiYpNfgh4JBZPCNUEz1UZUyNH0GkEsl64HTzT9H6ka0 83/A/Rb6SeLUiW
e9+g9XJ6aPfe/ZT60xwmK5LjLFgMKrdWpDAdlhlzS1kvv9kdlXrQ9lUFsXMIIix r
nug7mD9NkCLlwsfoaUECFaoHNn7qcPeJcR0jY1AQjRuGmH1IUz b9Q20AR2HEx3I=
=QcJC
-----END PGP SIGNATURE-----
 
Old 11-28-2011, 01:12 PM
Thomas Bächler
 
Default Developer / TU key signing, first master key available

Am 19.11.2011 15:38, schrieb Thomas Bächler:
> Hello developers / TUs,
>
> My Arch master key is available at [1] with fingerprint 6841 48BB 25B4
> 9E98 6A49 44C5 5184 252D 824B 18E8.
>
> Every packager, please do the following:
> 1) Reply to this email to thomas@master-key.archlinux.org and fully
> quote this email. Include your gerolde/sigurd username in the email.
> Sign your reply using your GPG key.
> 2) Upload your public key (gpg --armor --export $KEYID) to your home
> directory on gerolde/sigurd under the name $HOME/arch-linux-packager-key.
> 3) Name at least one package in the repositories already signed with
> your key.
>
> Sadly, this process will only prove that you are in posession of the ssh
> key to upload packages into the repositories. I will contact you
> personally afterwards if I need further identification.
>
> Please note: there are be 5 master key holders (Allan, Dan, Pierre,
> Ionut, me), and you need at least 3 signatures on your key so your
> packages will be trusted by pacman.
>
> Regards
> Thomas
>
> [1] https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc

Please note: There are many TUs (and some devs) that didn't reply to
this request yet. There are even TUs that replied to the other master
key holders, but not me.

Please be aware that you have to contact all master key holders
separately in the way stated in the request. It is not sufficient to
reply just one of them!
Also be aware that after some transition time, gerolde and sigurd will
check your signature on db-update, and WILL REJECT THE PACKAGE IF YOUR
KEY IS NOT TRUSTED. Therefore, completing the key submission to the
master key holders is non-optional!

When replying, please make sure that "thomas@master-key.archlinux.org"
is included in the "To:" field of your email (otherwise I will probably
miss the mail). If you fail to configure your mail client for signing
emails, please write the text into a plaintext file, sign it, and attach it.
 
Old 11-29-2011, 03:31 PM
Thomas Dziedzic
 
Default Developer / TU key signing, first master key available

-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1
Am 19.11.2011 15:38, schrieb Thomas Bächler:> Hello developers /
TUs,>> My Arch master key is available at [1] with fingerprint 6841
48BB 25B4> 9E98 6A49 *44C5 5184 252D 824B 18E8.>> Every packager,
please do the following:> 1) Reply to this email to
thomas@master-key.archlinux.org and fully> quote this email. Include
your gerolde/sigurd username in the email.> Sign your reply using your
GPG key.> 2) Upload your public key (gpg --armor --export $KEYID) to
your home> directory on gerolde/sigurd under the name
$HOME/arch-linux-packager-key.> 3) Name at least one package in the
repositories already signed with> your key.>> Sadly, this process will
only prove that you are in posession of the ssh> key to upload
packages into the repositories. I will contact you> personally
afterwards if I need further identification.>> Please note: there are
be 5 master key holders (Allan, Dan, Pierre,> Ionut, me), and you need
at least 3 signatures on your key so your> packages will be trusted by
pacman.>> Regards> Thomas>> [1]
https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
1) tdziedzic on sigurd2) done3) nodejs in community-----BEGIN PGP
SIGNATURE-----Version: GnuPG v1.4.11 (GNU/Linux)
iQIcBAEBAgAGBQJO1Qh/AAoJEH+xo4AMhMCl50EQAI2fpOSLiTXASaEHlAOHXmgKmCkkJy O5dqJVH5yeofhmWd4hERcu8qQfqTSB87GJw0DeFRN5C5FDS8zx ZbLsayyvfrVgiHtA14g3aKzjDKRfEQzbqMDSqTT2+kMsokTfdl Z3tf0ssyRWSvAdaHY1KIJ8wZ6TQc0LkfOtdLAg/p+6FX1RUxCncmVJnewCjuSdeknn6s6riGmoaWD7j80oc9Ggnwd Y2JyipG4i6iecyLFOleVItwWPLneoBJsmct+DoBbfKQQtJjtUn n9ou9X0TYHFOgfYIoco7KmPFAD/MTpGOGrglLs0369lZtgBzCfOxutVoUePTbqsFuCtZocgf1quT8 yw5le1a2oO6valzRUefBgYAz+NoNPB4FKclAKanPVKOfnSTO0t VJHgieccwbjzT5MguH+Q44k+D3RKE9Q7yv+i9+zl3tvNLZaGza bup3+C/70fXuruZ3jy2pLNyvJcFEq99TCzGBIudQmJ00zhFcQLwvbEgBo/AzQlCn/H5+fYapuqYki/WLviHSTSMXzQMX0fVUBLoszYrAjTJ1Ds793mQM/A5nU8ERjUNVEXJ3BadckDSCBOqVn72OwjxHBTkLeKFlKU66shz 7m8LhJM6Nx1DWIB+PB/aJ1xmnhCn2+91jl2T8tmKIq2YNelolXw4U8F4IMpHvBbkASZSx v4=+eik-----END
PGP SIGNATURE-----
 
Old 12-01-2011, 02:05 PM
Peter Lewis
 
Default Developer / TU key signing, first master key available

On Monday 28 Nov 2011 15:12:53 Thomas Bächler wrote:
> Please note: There are many TUs (and some devs) that didn't reply to
> this request yet.

Sorry - I haven't replied to any yet and won't get a chance to until the
weekend. Hope that doesn't delay anything... :-)
 
Old 12-05-2011, 01:44 AM
Daenyth
 
Default Developer / TU key signing, first master key available

Note that I added the reply also as an attachment in case my email
body gets changed by gmail..

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, Nov 19, 2011 at 09:38, Thomas Bächler <thomas@archlinux.org> wrote:
> Hello developers / TUs,
>
> My Arch master key is available at [1] with fingerprint 6841 48BB 25B4
> 9E98 6A49 44C5 5184 252D 824B 18E8.
>
> Every packager, please do the following:
> 1) Reply to this email to thomas@master-key.archlinux.org and fully
> quote this email. Include your gerolde/sigurd username in the email.
> Sign your reply using your GPG key.
> 2) Upload your public key (gpg --armor --export $KEYID) to your home
> directory on gerolde/sigurd under the name $HOME/arch-linux-packager-key.
> 3) Name at least one package in the repositories already signed with
> your key.
>
> Sadly, this process will only prove that you are in posession of the ssh
> key to upload packages into the repositories. I will contact you
> personally afterwards if I need further identification.
>
> Please note: there are be 5 master key holders (Allan, Dan, Pierre,
> Ionut, me), and you need at least 3 signatures on your key so your
> packages will be trusted by pacman.
>
> Regards
> Thomas
>
> [1] https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
>

My usernname is (surprisingly) Daenyth on sigurd.

Signed Packages: tremulous
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJO3C+4AAoJEKABh2aZrW6EjHQP/0NQTolIFMyywHj+Z/sqAnmG
M5bTqD4OIvarDrmmD1ps4mgQRv9HeASo/DIqyJO6pY1eE6v8yQYMBZQ+xWRJWhUB
4qo1hRIX/BuA9JFIDUjFP1j4nF/Dj23GgIumYsQg3aXREoL23ILxovjhVBMAZLhz
48fOGPmP6Al+eRk9jHgtHuetSTk8Ya10TWil80HYDjpLOKG7uy BnVBDWjc7lo5aL
YKEjQHOcecP4sI5nLl50uzyOam7P/IbajZ1lnUhmqB2a2peSILtrUeNHICYA/XGm
92VKT42omsdNHqDIbvK2nDlEZs5MmrEsQCOqMr2qzmnQLbFuiw 40rJ8fNnp/Ot2k
fsQfxIrVs+NkUdBeEPlv7FbXT0RqLJYQN2MmjEvPheyXUYWoEF J0Da7k9tKZarvv
XLMP1QIvzxM0lkconEkKAovv415gIvAScBraPjbq9+OfFMPOAN T3sUj6FJjpDRg4
xFS6fO3nSWXbemk6Yt9s/KdgsuU5Gju8Jpok44USQSX3pOIlyA3AvqSv7JPKMIqQ
TBXS2OwOb3aJ+lAcsbSh4EnhCrSMRhYBGypwCkDAtLlOzIGLHr Nixt9Ohwb7qXFc
JCTXqLdOitEOy0xtaQSBG9B4aAv/J//p72cn3NgzoNDW+0dyzrOEHgEONMM3nLOf
7f77PlTo18q6qOMCcAOw
=BF0W
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, Nov 19, 2011 at 09:38, Thomas Bächler <thomas@archlinux.org> wrote:
> Hello developers / TUs,
>
> My Arch master key is available at [1] with fingerprint 6841 48BB 25B4
> 9E98 6A49 44C5 5184 252D 824B 18E8.
>
> Every packager, please do the following:
> 1) Reply to this email to thomas@master-key.archlinux.org and fully
> quote this email. Include your gerolde/sigurd username in the email.
> Sign your reply using your GPG key.
> 2) Upload your public key (gpg --armor --export $KEYID) to your home
> directory on gerolde/sigurd under the name $HOME/arch-linux-packager-key.
> 3) Name at least one package in the repositories already signed with
> your key.
>
> Sadly, this process will only prove that you are in posession of the ssh
> key to upload packages into the repositories. I will contact you
> personally afterwards if I need further identification.
>
> Please note: there are be 5 master key holders (Allan, Dan, Pierre,
> Ionut, me), and you need at least 3 signatures on your key so your
> packages will be trusted by pacman.
>
> Regards
> Thomas
>
> [1] https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
>

My usernname is (surprisingly) Daenyth on sigurd.

Signed Packages: tremulous
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAEBAgAGBQJO3C+4AAoJEKABh2aZrW6EjHQP/0NQTolIFMyywHj+Z/sqAnmG
M5bTqD4OIvarDrmmD1ps4mgQRv9HeASo/DIqyJO6pY1eE6v8yQYMBZQ+xWRJWhUB
4qo1hRIX/BuA9JFIDUjFP1j4nF/Dj23GgIumYsQg3aXREoL23ILxovjhVBMAZLhz
48fOGPmP6Al+eRk9jHgtHuetSTk8Ya10TWil80HYDjpLOKG7uy BnVBDWjc7lo5aL
YKEjQHOcecP4sI5nLl50uzyOam7P/IbajZ1lnUhmqB2a2peSILtrUeNHICYA/XGm
92VKT42omsdNHqDIbvK2nDlEZs5MmrEsQCOqMr2qzmnQLbFuiw 40rJ8fNnp/Ot2k
fsQfxIrVs+NkUdBeEPlv7FbXT0RqLJYQN2MmjEvPheyXUYWoEF J0Da7k9tKZarvv
XLMP1QIvzxM0lkconEkKAovv415gIvAScBraPjbq9+OfFMPOAN T3sUj6FJjpDRg4
xFS6fO3nSWXbemk6Yt9s/KdgsuU5Gju8Jpok44USQSX3pOIlyA3AvqSv7JPKMIqQ
TBXS2OwOb3aJ+lAcsbSh4EnhCrSMRhYBGypwCkDAtLlOzIGLHr Nixt9Ohwb7qXFc
JCTXqLdOitEOy0xtaQSBG9B4aAv/J//p72cn3NgzoNDW+0dyzrOEHgEONMM3nLOf
7f77PlTo18q6qOMCcAOw
=BF0W
-----END PGP SIGNATURE-----
 
Old 12-19-2011, 03:48 PM
Timothy Redaelli
 
Default Developer / TU key signing, first master key available

> Hello developers / TUs,
>
> My Arch master key is available at [1] with fingerprint 6841 48BB
> 25B4 9E98 6A49 44C5 5184 252D 824B 18E8.
>
> Every packager, please do the following: 1) Reply to this email to
> thomas at master-key.archlinux.org and fully quote this email. Include
> your gerolde/sigurd username in the email. Sign your reply using
> your GPG key. 2) Upload your public key (gpg --armor --export
> $KEYID) to your home directory on gerolde/sigurd under the name
> $HOME/arch-linux-packager-key. 3) Name at least one package in the
> repositories already signed with your key.
>
> Sadly, this process will only prove that you are in posession of
> the ssh key to upload packages into the repositories. I will
> contact you personally afterwards if I need further
> identification.
>
> Please note: there are be 5 master key holders (Allan, Dan,
> Pierre, Ionut, me), and you need at least 3 signatures on your key
> so your packages will be trusted by pacman.
>
> Regards Thomas
>
> [1]
> https://dev.archlinux.org/~thomas/thomas_AT_master-key.archlinux.org.asc
>

Sigurd username: tredaelli
Package signed: netselect, ragel, sub2srt

--
Timothy Redaelli
drizztbsd @ irc.freenode.net
 

Thread Tools




All times are GMT. The time now is 06:40 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright ©2007 - 2008, www.linux-archive.org