On Mon, Aug 25, 2003 at 05:18:45PM +0200, Sven Luther wrote:
> On Wed, Aug 20, 2003 at 05:03:17PM -0400, Stephen Frost wrote:
> > * Martin Quinson ([EMAIL PROTECTED]) wrote:
> > > On Wed, Aug 20, 2003 at 09:40:02AM -0400, Stephen Frost wrote:
> > > > keyring.debian.org has only DDs in it. I think
On Tue, Aug 26, 2003 at 10:36:07AM +1000, Glenn McGrath wrote:
>
> If there was a keyring where peoples keys would only be accepted if it
> were signed by someone in the developer keyring, then it would
>
> 1) Extend debians web of trust.
>
> 2) Debian would be taking more responsability for its
On Mon, 25 Aug 2003 12:03:43 -0600
"Jamin W. Collins" <[EMAIL PROTECTED]> wrote:
> What is the goal? To indicate that the e-mail signed came from
> someone in possession of person X's private key. X's public key can
> be put up on existing public key servers. There are already numerous
> public
On Mon, Aug 25, 2003 at 03:15:07PM -0400, Stephen Frost wrote:
>
> I'm not against translations.
I did the same error than Sven when reading your first definitive statement.
Apologies again.
> Perhaps even have a system where
> translations can be done without NMU's and have a seperate system for
* Sven Luther ([EMAIL PROTECTED]) wrote:
> On Mon, Aug 25, 2003 at 12:03:43PM -0600, Jamin W. Collins wrote:
> > I've never indicated in any way that the Debian project doesn't need
> > translators. Please reread my statements.
>
> No, but stephen has hinted at such, and my original mail was addr
"Jamin W. Collins" <[EMAIL PROTECTED]> writes:
> On Mon, Aug 25, 2003 at 07:16:31PM +0200, Sven Luther wrote:
> > On Mon, Aug 25, 2003 at 10:35:17AM -0600, Jamin W. Collins wrote:
> > >
> > > Because there is no need for it to change.
> >
> > Err, why not,
>
> What is the goal? To indicate th
On Mon, Aug 25, 2003 at 12:03:43PM -0600, Jamin W. Collins wrote:
> On Mon, Aug 25, 2003 at 07:16:31PM +0200, Sven Luther wrote:
> > On Mon, Aug 25, 2003 at 10:35:17AM -0600, Jamin W. Collins wrote:
> > >
> > > Because there is no need for it to change.
> >
> > Err, why not,
>
> What is the goa
On Mon, Aug 25, 2003 at 07:16:31PM +0200, Sven Luther wrote:
> On Mon, Aug 25, 2003 at 10:35:17AM -0600, Jamin W. Collins wrote:
> >
> > Because there is no need for it to change.
>
> Err, why not,
What is the goal? To indicate that the e-mail signed came from someone
in possession of person X
On Mon, Aug 25, 2003 at 10:35:17AM -0600, Jamin W. Collins wrote:
> On Mon, Aug 25, 2003 at 05:18:45PM +0200, Sven Luther wrote:
> > On Wed, Aug 20, 2003 at 05:03:17PM -0400, Stephen Frost wrote:
> > > * Martin Quinson ([EMAIL PROTECTED]) wrote:
> > > > On Wed, Aug 20, 2003 at 09:40:02AM -0400, Ste
On Mon, Aug 25, 2003 at 05:18:45PM +0200, Sven Luther wrote:
> On Wed, Aug 20, 2003 at 05:03:17PM -0400, Stephen Frost wrote:
> > * Martin Quinson ([EMAIL PROTECTED]) wrote:
> > > On Wed, Aug 20, 2003 at 09:40:02AM -0400, Stephen Frost wrote:
> > > > keyring.debian.org has only DDs in it. I think
On Fri, 22 Aug 2003, Christian Perrier wrote:
> And, as Steve pointed out, translation stuff is minimalistically
> invasive so this does not require an enormous amount of attention
> after the NMU.
Yes, but there are new libraries that get linked to, new compilers, etc.
On Wed, Aug 20, 2003 at 05:03:17PM -0400, Stephen Frost wrote:
> * Martin Quinson ([EMAIL PROTECTED]) wrote:
> > On Wed, Aug 20, 2003 at 09:40:02AM -0400, Stephen Frost wrote:
> > > keyring.debian.org has only DDs in it. I think people were suggesting
> > > using the public keyservers. keyring.de
* Steve Langasek ([EMAIL PROTECTED]) wrote:
> Er. You're going to hold NMUers responsible for the general crappy
> state of a package before they got to it? Are you also going to concede
> to them the authority to request the package's removal from the archive
> without the maintainer's consent,
On Fri, Aug 22, 2003 at 05:17:54PM -0400, Stephen Frost wrote:
> > And, as Steve pointed out, translation stuff is minimalistically
> > invasive so this does not require an enormous amount of attention
> > after the NMU.
> When you do an NMU you're taking the responsibility to maintain the
> packa
Looks like it's time to drop down this one... :-). Such debate with
strong opposition would now need a meeting around a beer : we've
reached the point where none of us will move anymore.. :-)
* Christian Perrier ([EMAIL PROTECTED]) wrote:
> Quoting Stephen Frost ([EMAIL PROTECTED]):
>
> > Except what you don't realize is that one should never, ever, ever just
> > NMU and then forget about the package. If you do an NMU then you need
> > to make sure it worked, follow the package and ma
Quoting Stephen Frost ([EMAIL PROTECTED]):
> Except what you don't realize is that one should never, ever, ever just
> NMU and then forget about the package. If you do an NMU then you need
> to make sure it worked, follow the package and make sure there aren't
> problems with it and follow up wit
* Christian Perrier ([EMAIL PROTECTED]) wrote:
> Quoting Stephen Frost ([EMAIL PROTECTED]):
>
> > > I, for sure, cannot hijack any package for which nothing has been done
> > > for translation related bugs. I would quickly end up with dozens of
> > > packages I'm responsible for, the majority of w
Quoting Stephen Frost ([EMAIL PROTECTED]):
> > I, for sure, cannot hijack any package for which nothing has been done
> > for translation related bugs. I would quickly end up with dozens of
> > packages I'm responsible for, the majority of which I'm perfectly
> > unable to maintain.
>
> If you ca
* Christian Perrier ([EMAIL PROTECTED]) wrote:
> Quoting Stephen Frost ([EMAIL PROTECTED]):
> > I feel this is utter bullshit, personally. One shouldn't be NMU'ing for
> > wishlist bugs. If the package isn't maintained then hijack it instead.
> > If you don't have time to do that then there's no
On Fri, Aug 22, 2003 at 09:55:51AM -0400, Stephen Frost wrote:
> * Christian Perrier ([EMAIL PROTECTED]) wrote:
> > We'll start with french translations. Not a lot of them are sleeping,
> > because we already pissed off some maintainers, or even did some NMU's
> > (yes, for wishlist bugs...).
> I
Quoting Stephen Frost ([EMAIL PROTECTED]):
> I feel this is utter bullshit, personally. One shouldn't be NMU'ing for
> wishlist bugs. If the package isn't maintained then hijack it instead.
> If you don't have time to do that then there's no way in hell you should
> be NMU'ing it anyway. If no
* Christian Perrier ([EMAIL PROTECTED]) wrote:
> We'll start with french translations. Not a lot of them are sleeping,
> because we already pissed off some maintainers, or even did some NMU's
> (yes, for wishlist bugs...).
I feel this is utter bullshit, personally. One shouldn't be NMU'ing for
wi
Christian Perrier <[EMAIL PROTECTED]> writes:
> Quoting Stephen Frost ([EMAIL PROTECTED]):
>
> > Eh. Personally I tend to doubt it's lack of trust that's causing
> > translations to rot in the BTS.
>
> As far as I know this is more maintainer laziness, for sure.. :-)
>
> I guess that in the fu
Martin Quinson wrote:
> I just wondered if it would be possible for non-developper contributors to
> Debian to get their GPG key in the Debian keyserver.
No. The contents Debian keyserver reflect the
list of registered Debian developers who also have an account on about
all Debian machines. It
Quoting Stephen Frost ([EMAIL PROTECTED]):
> Eh. Personally I tend to doubt it's lack of trust that's causing
> translations to rot in the BTS.
As far as I know this is more maintainer laziness, for sure.. :-)
I guess that in the future many translation will stop to rot in the
BTS.. :-)
We'll
* Martin Quinson ([EMAIL PROTECTED]) wrote:
> Judging from the amount of translation rotting in the BTS, I guess some of
> you guys react the same way, and I want to change this by easing this trust
> relationship, if possible.
Eh. Personally I tend to doubt it's lack of trust that's causing
tran
* Martin Quinson ([EMAIL PROTECTED]) wrote:
> On Wed, Aug 20, 2003 at 05:03:17PM -0400, Stephen Frost wrote:
> > I doubt a poor translation would make it into a released version.
> A lot of poor translation get into stable, mainly by lack of manwork, but
> you are right no offending translation get
Andreas Metzler <[EMAIL PROTECTED]> writes:
> Martin Quinson <[EMAIL PROTECTED]> wrote:
> [...]
> > Of course, I could (and have) uploaded my key on public servers, meaning
> > that other Debian member could check than a given mail with my address
> > desserve the trust they habitually give me. Bu
Quoting Martin Quinson ([EMAIL PROTECTED]):
> Of course, the signature is not sufficient to get the needed trust. But I'm
> coordinator of the french translation team since a few years, so my skills
> should be trustable, I guess.
>
> But the point is that without the key, anyone can forge mails
Martin Quinson <[EMAIL PROTECTED]> wrote:
[...]
> Of course, I could (and have) uploaded my key on public servers, meaning
> that other Debian member could check than a given mail with my address
> desserve the trust they habitually give me. But those guys would have to
> configure their email spe
On Wed, Aug 20, 2003 at 11:29:52PM +0200, Martin Quinson wrote:
> But the point is that without the key, anyone can forge mails which seem to
> come from me, and thus abuse the trust my work gained me in the mind of some
> DDs.
>
> I see this point as necessary even if not sufficient.
Ok, a valid
On Thu, 21 Aug 2003 00:16:47 +0200, Martin Quinson <[EMAIL PROTECTED]> said:
> Mmm. If so, I really cannot understand the big deal with IDs when
> signing the key. Knowing my ID is not enough to prove that I won't
> upload a rootkit, and it is not even needed... I must be perticulary
> dumb.
On Wed, 20 Aug 2003 23:29:52 +0200, Martin Quinson <[EMAIL PROTECTED]> said:
> But the point is that without the key, anyone can forge mails which
> seem to come from me, and thus abuse the trust my work gained me in
> the mind of some DDs.
So start signing your email. I'll download the
* Goswin von Brederlow ([EMAIL PROTECTED]) wrote:
> Usually the sponsor looks everything over so signing is not realy
> neccessary. Of cause if you have the same sponsor repeatetly he might
> want to just check your signature and sponsor the changes blindly
> knowing you did good work in the past.
* Martin Quinson ([EMAIL PROTECTED]) wrote:
> On Wed, Aug 20, 2003 at 09:40:02AM -0400, Stephen Frost wrote:
> > keyring.debian.org has only DDs in it. I think people were suggesting
> > using the public keyservers. keyring.debian.org isn't a part of the
> > public key servers.
>
> That's the pa
On Wed, Aug 20, 2003 at 05:03:17PM -0400, Stephen Frost wrote:
> * Martin Quinson ([EMAIL PROTECTED]) wrote:
> > On Wed, Aug 20, 2003 at 09:40:02AM -0400, Stephen Frost wrote:
> > > keyring.debian.org has only DDs in it. I think people were suggesting
> > > using the public keyservers. keyring.de
[answer to a private mail on the list with the permission of Christian]
On Wed, Aug 20, 2003 at 02:53:49PM +0200, Christian Kurz wrote:
> On [19/08/03 18:05], Martin Quinson wrote:
> > point is that currently, DD is very very strict about who can upload to the
> > source and the packages, but when
On Wed, Aug 20, 2003 at 11:03:32AM -0500, Steve Langasek wrote:
> On Wed, Aug 20, 2003 at 11:23:47AM +0200, Martin Quinson wrote:
> > On Wed, Aug 20, 2003 at 06:46:34PM +1000, Martin Michlmayr wrote:
> > > * Goswin von Brederlow <[EMAIL PROTECTED]> [2003-08-20 10:31]:
> > > > > Martin Quinson <[EMA
On Wed, Aug 20, 2003 at 09:40:02AM -0400, Stephen Frost wrote:
> * Martin Quinson ([EMAIL PROTECTED]) wrote:
> > $ LC_ALL=C gpg --keyserver keyring.debian.org --recv-keys E145F334
> > gpg: no valid OpenPGP data found.
> > gpg: Total number processed: 0
> >
> > This is the ID of my key, available
Martin Quinson <[EMAIL PROTECTED]> writes:
> On Wed, Aug 20, 2003 at 06:46:34PM +1000, Martin Michlmayr wrote:
> > * Goswin von Brederlow <[EMAIL PROTECTED]> [2003-08-20 10:31]:
> > > > Martin Quinson <[EMAIL PROTECTED]> wrote:
> > > > > I just wondered if it would be possible for non-developper
>
On Wed, Aug 20, 2003 at 11:23:47AM +0200, Martin Quinson wrote:
> On Wed, Aug 20, 2003 at 06:46:34PM +1000, Martin Michlmayr wrote:
> > * Goswin von Brederlow <[EMAIL PROTECTED]> [2003-08-20 10:31]:
> > > > Martin Quinson <[EMAIL PROTECTED]> wrote:
> > > > > I just wondered if it would be possible
* Martin Quinson ([EMAIL PROTECTED]) wrote:
> $ LC_ALL=C gpg --keyserver keyring.debian.org --recv-keys E145F334
> gpg: no valid OpenPGP data found.
> gpg: Total number processed: 0
>
> This is the ID of my key, available from www.keyserver.net and signed by 2
> DD. Did I mess something up ?
key
On Wed, Aug 20, 2003 at 06:46:34PM +1000, Martin Michlmayr wrote:
> * Goswin von Brederlow <[EMAIL PROTECTED]> [2003-08-20 10:31]:
> > > Martin Quinson <[EMAIL PROTECTED]> wrote:
> > > > I just wondered if it would be possible for non-developper
> > > > contributors to Debian to get their GPG key i
* Goswin von Brederlow <[EMAIL PROTECTED]> [2003-08-20 10:31]:
> > Martin Quinson <[EMAIL PROTECTED]> wrote:
> > > I just wondered if it would be possible for non-developper
> > > contributors to Debian to get their GPG key in the Debian keyserver.
>
> You can also apply as a NM for translation w
Andreas Metzler <[EMAIL PROTECTED]> writes:
> Martin Quinson <[EMAIL PROTECTED]> wrote:
> > I just wondered if it would be possible for non-developper
> > contributors to Debian to get their GPG key in the Debian keyserver.
> [...]
> > This trust relationship would be eased if I could sign my mai
46 matches
Mail list logo
