On Mon 2020-01-13 22:56:01 +0100, Mattia Rizzolo wrote:
> We should provide a facility so people can upload their OpenPGP
> certificate ("public key"), together with all the 3rd party
> certifications, directly into nm.debian.org, bypassing the SKS network
> and avoiding the need for any other problematic OpenPGP certificate
> distribution mechanism.
>
> With the SKS network slowly dying, gpg not receiving third-party
> certifications anymore by default and other changes to the ecosystem,
> retrieving OpenPGP certificates and third-party certifications may be
> harder in the future.
>
> It is simpler to let applicants provide a certificate themselves
> directly.
I endorse this suggestion :)
I note that we shouldn't *require* users to upload their certificate
necessarily. The change asked for here is just to make it possible for
them to do the upload if they choose to.
--dkg
signature.asc
Description: PGP signature
