bug-standards
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

update on GPG kys in Savannah


From: Ineiev
Subject: update on GPG kys in Savannah
Date: Thu, 15 Apr 2021 10:38:04 +0000
User-agent: Mutt/1.5.24 (2015-08-30)

Hello,

Recently, Savannah has changed the way how release GPG
keys are published, the Information for GNU maintainers
needs an update like follows.

Thank you!

diff -U 2 -r1.280 maintain.texi
--- maintain.texi       23 Aug 2020 22:01:44 -0000      1.280
+++ maintain.texi       15 Apr 2021 10:34:33 -0000
@@ -1616,22 +1616,8 @@
 @enumerate
 @item
-Create an account for yourself at @url{https://savannah.gnu.org}, if
-you don't already have one.  By the way, this is also needed to
-maintain the web pages at @url{https://www.gnu.org} for your project
-(@pxref{Web Pages}).
-
-@item
-In the @samp{My Account Conf} page on @code{savannah}, upload the GPG
-key (in ASCII-armored format) that you will use to sign your packages.
-If you haven't created one before, you can do so with the command
-@code{gpg --gen-key} (you can accept and/or confirm the default
-answers to its questions).  Then, to get the ASCII-armored version,
-run @samp{gpg --export --armor @var{your_key_id}}.
-
-Optional but recommended: Send your key to a GPG public key server:
-@code{gpg --keyserver keys.gnupg.net --send-keys @var{keyid}}, where
-@var{keyid} is the eight hex digits reported by @code{gpg
---list-public-keys} on the @code{pub} line before the date.  For full
-information about GPG, see @url{https://www.gnu.org/software/gpg}.
+Create an account for yourself at @url{https://savannah.gnu.org},
+and register your package there, if you haven't already done that.
+By the way, this is also needed to maintain the web pages at
+@url{https://www.gnu.org} for your project (@pxref{Web Pages}).

 @item
@@ -1657,4 +1643,15 @@
 ASCII armored copies of GPG keys for any individuals listed in (3).
 @end enumerate
+
+@item Publish the concatenated ASCII armored copies of your GPG key
+with the GPG keys listed in the previous step in the @samp{GPG Keys Used
+for Releases} area of the @samp{Public info} of the Savannah group
+of your package.
+
+Optional but recommended: Send your keys to a GPG public key server:
+@code{gpg --keyserver keys.gnupg.net --send-keys @var{keyid}...}, where
+@var{keyid} is the eight hex digits reported by @code{gpg
+--list-public-keys} on the @code{pub} line before the date.  For full
+information about GPG, see @url{https://www.gnu.org/software/gpg}.
 @end enumerate

Attachment: signature.asc
Description: PGP signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]