From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path: <gentoo-dev+bounces-85368-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
(No client certificate requested)
by finch.gentoo.org (Postfix) with ESMTPS id 1BCC0138334
for <garchives@archives.gentoo.org>; Sun, 22 Jul 2018 16:42:25 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
by pigeon.gentoo.org (Postfix) with SMTP id 205D6E08F7;
Sun, 22 Jul 2018 16:42:17 +0000 (UTC)
Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by pigeon.gentoo.org (Postfix) with ESMTPS id 85C30E08ED
for <gentoo-dev@lists.gentoo.org>; Sun, 22 Jul 2018 16:42:16 +0000 (UTC)
Received: by mail-ed1-x52b.google.com with SMTP id b10-v6so13790214eds.4
for <gentoo-dev@lists.gentoo.org>; Sun, 22 Jul 2018 09:42:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=scriptkitty-com.20150623.gappssmtp.com; s=20150623;
h=mime-version:sender:in-reply-to:references:from:date:message-id
:subject:to;
bh=ul/amBVdg4w5qwcj49EIeqGcdb7AHOACGbyH9HFfOt8=;
b=LFxNGLP/h++lUv4CKwLbPRWRoZguOTqLPYefOS23EK6JTeXdhCRbI34RvVSoKTiwvs
b6As6NWcWiCM9+H08jf2Rn2VWC3VAOW5tFJtU/Yh9IVSm3+mPoEeVAQvA4emrksowCNv
Mb3FJ/VHmphdnRP3ccMLegg2pqXosDJY5v8WHbAP8AaGcIyCAiuPzHafK537jMSIfLtk
2SmqS8EUSMBVPQB2pT2tKgzuIEc1FYKIFRcvggVnp/SOc/4h+rfIceL3M2W9tNfkvHPT
9Qvg6znvj/Eh3okM1WHDV3RTQTvol+26uW4nHRb75h/qpmPcWxX2jTno2dYiI6dgg6yI
Qumg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:sender:in-reply-to:references:from
:date:message-id:subject:to;
bh=ul/amBVdg4w5qwcj49EIeqGcdb7AHOACGbyH9HFfOt8=;
b=mJm3M7raupBESq7m6XuQA/U70XKfMArju5WMUkRk+DEef77Z2s/FfWOg2NV7Qar+7O
M/oihL+R8ZcJ7CxEyik1KsrqO1SxJ1rl5tY3w38Tzlc4hLoTe44Xy0AW47OiilY2UXkG
2+GST7stkWz7vmnh4I/gv/eHI0EpurDdCuil0V78fE1FOZJ1UzhppOMDLX3JwAQgpdRD
H7vRdVOxBKR603QUqiNmg9e+Uanr6L8jjWYtQpoW6TfOQLslD2PTzg5GFbfB5Dxf3XIz
ddONM+zfEZLnk81+CM9KAYpeAMvbTX8IdoQ0ZRcyCauXZ2y+3tfNthZ75Jv9K7RiTN8P
Ujyw==
X-Gm-Message-State: AOUpUlFQyIR8rAo2MI6lj8To8ex5tpC8IWq/oZ8S5DUp4QYhvsV8PMGo
ygEHqUc5wCtsihXiGsoA4WGDsdiVfR/JqMTG7ZBjrTMurYY=
X-Google-Smtp-Source: AAOMgpeEeChqU2AQ3pzRCjsERDZGVGKA8Z8W+WVJ5d9y0fmFiQgfLkKDA/p4uGWeUUk15U2iB9STPoPwLe5sxsRx4RI=
X-Received: by 2002:a50:d65e:: with SMTP id c30-v6mr11037343edj.178.1532277734681;
Sun, 22 Jul 2018 09:42:14 -0700 (PDT)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
Sender: antarus@scriptkitty.com
Received: by 2002:a17:906:3607:0:0:0:0 with HTTP; Sun, 22 Jul 2018 09:42:14
-0700 (PDT)
X-Originating-IP: [68.129.209.49]
In-Reply-To: <1532152208.1076.7.camel@gentoo.org>
References: <1532152208.1076.7.camel@gentoo.org>
From: Alec Warner <antarus@gentoo.org>
Date: Sun, 22 Jul 2018 12:42:14 -0400
X-Google-Sender-Auth: XB1woE1S3EbBLMXMg40WwD6KTAI
Message-ID: <CAAr7Pr-n0padwZnyNGYz91ORbLpcpz34AttY28LRigmA8PbPZA@mail.gmail.com>
Subject: Re: [gentoo-dev] Infra notice: increasing strictness of OpenPGP checks
To: Gentoo Dev <gentoo-dev@lists.gentoo.org>
Content-Type: multipart/alternative; boundary="00000000000012bc8505719936f0"
X-Archives-Salt: ac28d4fa-bec0-4179-b273-6c4089613087
X-Archives-Hash: b889a8bfbbafc2b774bd3cb6118a6e17
--00000000000012bc8505719936f0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
On Sat, Jul 21, 2018 at 1:50 AM, Micha=C5=82 G=C3=B3rny <mgorny@gentoo.org>=
wrote:
> Hi, everyone.
>
> I'm working on improving OpenPGP commit verification on Infra end.
> The changes so far shouldn't visibly affect developers whose accounts
> are configured correctly. However, if you have trouble pushing, please
> contact me (or other Infra members) immediately to investigate.
>
> The changes so far are:
>
> 1. We've switched to a new model for fetching and propagating keys
> within Infra. This means that your key updates should be propagated
> faster now (within 2 hours + keyserver propagation time). Hopefully,
> this also means revocations will be noticed much faster.
>
If you lack commit access to repo/gentoo, you may have experienced issues
pushing signed commits to other repositories.
This has been fixed and your pushes should work now.
-A
>
> 2. We're enabling pairing keys with developers (the way gkeys is
> supposed to work). It means that gitolite will now check that the key
> used to sign commits actually belongs to the developer performing
> the push.
>
> --
> Best regards,
> Micha=C5=82 G=C3=B3rny
>
--00000000000012bc8505719936f0
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><br><div class=3D"gmail_quo=
te">On Sat, Jul 21, 2018 at 1:50 AM, Micha=C5=82 G=C3=B3rny <span dir=3D"lt=
r"><<a href=3D"mailto:mgorny@gentoo.org" target=3D"_blank">mgorny@gentoo=
.org</a>></span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"ma=
rgin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi, everyone.<=
br>
<br>
I'm working on improving OpenPGP commit verification on Infra end.<br>
The changes so far shouldn't visibly affect developers whose accounts<b=
r>
are configured correctly.=C2=A0 However, if you have trouble pushing, pleas=
e<br>
contact me (or other Infra members) immediately to investigate.<br>
<br>
The changes so far are:<br>
<br>
1. We've switched to a new model for fetching and propagating keys<br>
within Infra.=C2=A0 This means that your key updates should be propagated<b=
r>
faster now (within 2 hours + keyserver propagation time).=C2=A0 Hopefully,<=
br>
this also means revocations will be noticed much faster.<br></blockquote><d=
iv><br></div><div>If you lack commit access to repo/gentoo, you may have ex=
perienced issues pushing signed commits to other repositories.</div><div>Th=
is has been fixed and your pushes should work now.</div><div><br></div><div=
>-A</div><div>=C2=A0</div><blockquote class=3D"gmail_quote" style=3D"margin=
:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
2. We're enabling pairing keys with developers (the way gkeys is<br>
supposed to work).=C2=A0 It means that gitolite will now check that the key=
<br>
used to sign commits actually belongs to the developer performing<br>
the push.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
-- <br>
Best regards,<br>
Micha=C5=82 G=C3=B3rny<br>
</font></span></blockquote></div><br></div></div>
--00000000000012bc8505719936f0--