[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] build-aux/announce-gen: Use Release keyrings on Savannah for

From: Simon Josefsson
Subject: Re: [PATCH] build-aux/announce-gen: Use Release keyrings on Savannah for GnuPG
Date: Sun, 13 Mar 2022 09:10:54 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux)

Darshit Shah <darnir@gnu.org> writes:

> +   --gpg-keyring-url=URL        URL pointing to the GnuPG Keyring containing
> +                                the key used to sign the tarballs
>  If that command fails because you don't have the required public key,
>  then run this command to import it:
> -  gpg --keyserver keys.gnupg.net --recv-keys $gpg_key_id
> +  wget -q -O- '$gpg_keyring_url' | gpg --import -

Hi.  I agree this part of announce-gen is sub-optimal.   There were
earlier discussions about solutions:


My first reaction was that we should use something like that instead,
and not your patch.  However given how unreliable the GnuPG parameters
(different version compatibility, and some reports about bugs) are wrt
to key servers, I prefer your approach to mention a URL in the
announcement instead of suggesting --recv-keys or some variant of
--locate-external-keys.  This also makes it much easier for anyone not
using GnuPG to locate the OpenPGP key.

Do you have push access to gnulib, or do you want me to polish up the
patch and push it?


Attachment: signature.asc
Description: PGP signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]