From 33fe23aecf8f4a15b3352b8eabca9a1304663d9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Johannes=20L=C3=B6thberg?= Date: Sun, 29 Jan 2023 22:06:51 +0100 Subject: [PATCH] Replace keyserver upload requirement with keys.openpgp.org MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The MIT keyserver is frequently unavailable for uploads so it no longer make sense to block new keys based on its availability. Once we have main-key signing tooling built into `keyringctl` this requirement will no longer be necessary since the tooling will be able to be run from branches already containing the necessary keys. Signed-off-by: Johannes Löthberg --- .gitlab/issue_templates/New Main Key.md | 6 +++++- .gitlab/issue_templates/New Packager Key.md | 6 +++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/.gitlab/issue_templates/New Main Key.md b/.gitlab/issue_templates/New Main Key.md index 35ef4fb..a2b8440 100644 --- a/.gitlab/issue_templates/New Main Key.md +++ b/.gitlab/issue_templates/New Main Key.md @@ -51,7 +51,11 @@ merge request to add the new main key can be merged. a clearsigned document - [ ] The revocation certificate has been sent in an encrypted message to the revocation certificate holder -- [ ] The public key has been uploaded to the pgp.mit.edu and keyserver.ubuntu.com +- [ ] The public key has been uploaded to the `keyserver.ubuntu.com` and + `keys.openpgp.org` keyservers, and the `archlinux.org` UID has been verified + on the `keys.openpgp.org` keyserver. Optionally the key can also be uploaded + to the `pgp.mit.edu` keyserver, but this is no longer mandatory as it's + frequently flaky. - [ ] A merge request to add the new public key has been created ### Revocation Certificate Holder diff --git a/.gitlab/issue_templates/New Packager Key.md b/.gitlab/issue_templates/New Packager Key.md index 797acd1..bcbc189 100644 --- a/.gitlab/issue_templates/New Packager Key.md +++ b/.gitlab/issue_templates/New Packager Key.md @@ -58,7 +58,11 @@ the details section. practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair) - [ ] The data in the [Details](#details) section is attached to this issue as a clearsigned document -- [ ] The public key has been uploaded to the pgp.mit.edu and keyserver.ubuntu.com +- [ ] The public key has been uploaded to the `keyserver.ubuntu.com` and + `keys.openpgp.org` keyservers, and the `archlinux.org` UID has been verified + on the `keys.openpgp.org` keyserver. Optionally the key can also be uploaded + to the `pgp.mit.edu` keyserver, but this is no longer mandatory as it's + frequently flaky. - [ ] A merge request to add the new public key has been created ### Main key holders