33fe23aecf
The MIT keyserver is frequently unavailable for uploads so it no longer make sense to block new keys based on its availability. Once we have main-key signing tooling built into `keyringctl` this requirement will no longer be necessary since the tooling will be able to be run from branches already containing the necessary keys. Signed-off-by: Johannes Löthberg <johannes@kyriasis.com>
3.4 KiB
3.4 KiB
/assign @archlinux/teams/main-key-holders /label ~"new packager key" /title New packager key of
Add a new packager key
Details
- Username:
- PGP key ID:
- Sponsors:
- Application:
- Results:
- Previous Key:
Checks
Owner of new key
- The workflow for adding a new packager key has been followed
- The key pair contains one user ID with a valid
<username>@archlinux.orgemail address used for signing - The key pair has been validated according to the best practices
- The data in the Details section is attached to this issue as a clearsigned document
- The public key has been uploaded to the
keyserver.ubuntu.comandkeys.openpgp.orgkeyservers, and thearchlinux.orgUID has been verified on thekeys.openpgp.orgkeyserver. Optionally the key can also be uploaded to thepgp.mit.edukeyserver, but this is no longer mandatory as it's frequently flaky. - A merge request to add the new public key has been created
Main key holders
- The public key has been signed by all main key holders
- @anthraxx
- @bluewind
- @demize
- @diabonas
- @dvzrv
Developers of the archlinux-keyring project
- The data in the Details section is correct and signed with a
valid and trusted packager key, which is already part of
archlinux-keyring