From: "Michał Górny" <mgorny@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Cc: Mike Gilbert <floppym@gentoo.org>
Subject: Re: [gentoo-dev] [PATCH v2] glep-0063: Add section about the Gentoo keyserver
Date: Thu, 17 Dec 2020 20:27:44 +0100
Message-ID: <fd080a346d4e8db7b090f235f8bfef71d4434d2b.camel@gentoo.org>
In-Reply-To: <20201217181216.1825482-1-floppym@gentoo.org>
On Thu, 2020-12-17 at 13:12 -0500, Mike Gilbert wrote:
> Signed-off-by: Mike Gilbert <floppym@gentoo.org>
> ---
>
> v2: Added "This upload is required in addition to uploading the SKS
> pool."
>
> glep-0063.rst | 24 ++++++++++++++++++++----
> 1 file changed, 20 insertions(+), 4 deletions(-)
>
> diff --git a/glep-0063.rst b/glep-0063.rst
> index 82541bd..ec465db 100644
> --- a/glep-0063.rst
> +++ b/glep-0063.rst
> @@ -7,10 +7,10 @@ Author: Robin H. Johnson <robbat2@gentoo.org>,
> Michał Górny <mgorny@gentoo.org>
> Type: Standards Track
> Status: Final
> -Version: 2.1
> +Version: 2.2
> Created: 2013-02-18
> -Last-Modified: 2019-11-07
> -Post-History: 2013-11-10, 2018-07-03, 2018-07-21, 2019-02-24
> +Last-Modified: 2020-12-17
> +Post-History: 2013-11-10, 2018-07-03, 2018-07-21, 2019-02-24, 2020-
> 12-17
> Content-Type: text/x-rst
> ---
>
> @@ -28,6 +28,9 @@ OpenPGP key management policies for the Gentoo
> Linux distribution.
> Changes
> =======
>
> +v2.2
> + Added "Gentoo Keyserver" section under "Gentoo Infrastructure"
> chapter.
> +
> v2.1
> A requirement for an encryption key has been added, in order to
> extend
> the GLEP beyond commit signing and into use of OpenPGP for dev-to-
> dev
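Review bot: The v2.2 changelog entry records only the new section, but the patch also introduces a new obligation for developers ("This upload is required in addition to uploading to the SKS pool") and moves "Gentoo LDAP" from a top-level chapter to a subsection. The v2.1 entry right below states its added requirement explicitly; the v2.2 entry should do the same, for example by adding that uploading keys to the Gentoo keyserver is now required.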
> @@ -135,8 +138,11 @@ their primary key).
>
> 5. Encrypted backup of your secret keys.
>
> +Gentoo Infrstructure
T
> +====================
> +
> Gentoo LDAP
> -===========
> +-----------
>
> All Gentoo developers must list the complete fingerprint for their
> primary
> keys in the "``gpgfingerprint``" LDAP field. It must be exactly 40
> hex digits,
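Review bot: The added chapter title is misspelled: "Gentoo Infrstructure" should read "Gentoo Infrastructure", which is also how the v2.2 changelog entry refers to the chapter. The corrected title is one character longer than the current one, so the "====================" underline needs one more "=" to remain at least as long as the title text.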
> @@ -147,6 +153,16 @@ of the fingerprint field. In any place that
> presently displays
> the "``gpgkey``" field, the last 16 hex digits of the fingerprint
> should
> be displayed instead.
>
> +Gentoo Keyserver
> +----------------
> +
> +Gentoo infrastructure uses a keyserver that is isolated from the SKS
> pool.
> +This keyserver is restricted to accepting uploads from authorized
> Gentoo hosts.
> +A script is provided on dev.gentoo.org to allow developers to upload
> their
> +keys. This upload is required in addition to uploading to the SKS
> pool.
> +
> +``gpg --export KEYID | ssh dev.gentoo.org /usr/local/bin/openpgp-
> key-upload``
> +
> Backwards Compatibility
> =======================
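Review bot: The upload command uses KEYID without saying which form of identifier is expected, while the "Gentoo LDAP" section just above insists on the complete 40-hex-digit fingerprint. Suggest stating that the full fingerprint of the primary key should be passed to "gpg --export" here, so the key that gets uploaded is unambiguously the one listed in LDAP. The section also says uploads are restricted to authorized Gentoo hosts but never names the keyserver or says how keys are fetched from it; one sentence on that would make the section usable on its own. As a style point, the command would be easier to copy as an RST literal block than as a long inline literal.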
Thank you for doing this.
That said, I'm wondering if we should keep the SKS pool at all. Did anyone
have any success interacting with it lately? All my attempts at
fetching keys are resulting in server errors.
--
Best regards,
Michał Górny