I'm not quite sure if it was -k or -m that was currently recommended for uploading.
It's -k, and not -m. You need to sign the resulting package with your own key, otherwise it would search for one with the sponsoree's email address in the secret keyring, which fails.
Kind regards, Philipp Kern Debian Developer
PGP.sig
Description: This is a digitally signed message part
