Package: nm.debian.org Severity: wishlist Tags: moreinfo X-Debbugs-Cc: d...@debian.org, keyring-ma...@debian.org
Since the SKS network is in a sorry state, it's getting more difficult
to fetch a specific OpenPGP certificate reliably.
A solution, since nm2 is already has access to a copy of the certificate
to validate statements, etc, would be to pass it in full to
keyring-maint, instead of just passing the fingerprint.
This could be done a specifically-named attachement to the RT ticket.
Furthermore, the fingerprint should stay in the signed message body as a
validation method that the attachment is valid. The attached
certificate should be properly trimmed, without revoked/expired/invalid
uids or irrelevant third-party certifications.
I'm CCing keyring-maint on this, since this is just a proposal and needs
proper discussion to check the feasibility on their side before being
implemented.
--
regards,
Mattia Rizzolo
GPG Key: 66AE 2B4A FCCF 3F52 DA18 4D18 4B04 3FCD B944 4540 .''`.
More about me: https://mapreri.org : :' :
Launchpad user: https://launchpad.net/~mapreri `. `'`
Debian QA page: https://qa.debian.org/developer.php?login=mattia `-
signature.asc
Description: PGP signature
