condorcore-keyring/.gitlab/issue_templates/New Packager Key.md
Johannes Löthberg 33fe23aecf
Replace keyserver upload requirement with keys.openpgp.org
The MIT keyserver is frequently unavailable for uploads so it no longer
make sense to block new keys based on its availability.

Once we have main-key signing tooling built into `keyringctl` this
requirement will no longer be necessary since the tooling will be able
to be run from branches already containing the necessary keys.

Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
2023-03-14 17:45:03 +01:00

3.4 KiB

/assign @archlinux/teams/main-key-holders /label ~"new packager key" /title New packager key of

Add a new packager key

Details

  • Username:
  • PGP key ID:
  • Sponsors:
  • Application:
  • Results:
  • Previous Key:

Checks

Owner of new key

  • The workflow for adding a new packager key has been followed
  • The key pair contains one user ID with a valid <username>@archlinux.org email address used for signing
  • The key pair has been validated according to the best practices
  • The data in the Details section is attached to this issue as a clearsigned document
  • The public key has been uploaded to the keyserver.ubuntu.com and keys.openpgp.org keyservers, and the archlinux.org UID has been verified on the keys.openpgp.org keyserver. Optionally the key can also be uploaded to the pgp.mit.edu keyserver, but this is no longer mandatory as it's frequently flaky.
  • A merge request to add the new public key has been created

Main key holders

  • The public key has been signed by all main key holders
    • @anthraxx
    • @bluewind
    • @demize
    • @diabonas
    • @dvzrv

Developers of the archlinux-keyring project

  • The data in the Details section is correct and signed with a valid and trusted packager key, which is already part of archlinux-keyring