Replace keyserver upload requirement with keys.openpgp.org

The MIT keyserver is frequently unavailable for uploads so it no longer
make sense to block new keys based on its availability.

Once we have main-key signing tooling built into `keyringctl` this
requirement will no longer be necessary since the tooling will be able
to be run from branches already containing the necessary keys.

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
This commit is contained in:
Johannes Löthberg 2023-01-29 22:06:51 +01:00
parent 8cb0c6d8a0
commit 33fe23aecf
No known key found for this signature in database
GPG Key ID: 901C1C320EB0D45D
2 changed files with 10 additions and 2 deletions

View File

@ -51,7 +51,11 @@ merge request to add the new main key can be merged.
a clearsigned document a clearsigned document
- [ ] The revocation certificate has been sent in an encrypted message to the - [ ] The revocation certificate has been sent in an encrypted message to the
revocation certificate holder revocation certificate holder
- [ ] The public key has been uploaded to the pgp.mit.edu and keyserver.ubuntu.com - [ ] The public key has been uploaded to the `keyserver.ubuntu.com` and
`keys.openpgp.org` keyservers, and the `archlinux.org` UID has been verified
on the `keys.openpgp.org` keyserver. Optionally the key can also be uploaded
to the `pgp.mit.edu` keyserver, but this is no longer mandatory as it's
frequently flaky.
- [ ] A merge request to add the new public key has been created - [ ] A merge request to add the new public key has been created
### Revocation Certificate Holder ### Revocation Certificate Holder

View File

@ -58,7 +58,11 @@ the details section.
practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair) practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
- [ ] The data in the [Details](#details) section is attached to this issue as - [ ] The data in the [Details](#details) section is attached to this issue as
a clearsigned document a clearsigned document
- [ ] The public key has been uploaded to the pgp.mit.edu and keyserver.ubuntu.com - [ ] The public key has been uploaded to the `keyserver.ubuntu.com` and
`keys.openpgp.org` keyservers, and the `archlinux.org` UID has been verified
on the `keys.openpgp.org` keyserver. Optionally the key can also be uploaded
to the `pgp.mit.edu` keyserver, but this is no longer mandatory as it's
frequently flaky.
- [ ] A merge request to add the new public key has been created - [ ] A merge request to add the new public key has been created
### Main key holders ### Main key holders