[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [help-texinfo] PGP signature on the texinfo-6.0.tar.xz file

From: Marcin Cieslak
Subject: Re: [help-texinfo] PGP signature on the texinfo-6.0.tar.xz file
Date: Tue, 5 Jan 2016 23:21:05 +0000

On Tue, 5 Jan 2016, Karl Berry wrote:

>     > I have imported PGP keys of the texinfo maintainers from
>     >
> As far as I know, there is no particular guarantee that that list of
> keys is meaningful.  Apparently it contains keys of all members of the
> texinfo group (which is quite different than "maintainers") on Savannah
> .. at some random time.

> You can see that Gavin is an administrator of the texinfo group at
>, and posted the 6.0
> news announcement there.

Yes, I have noticed it only after posting the group. I have browsed
the archives of help-texinfo and bug-texinfo and didn't find
the release annoucement (I am sure I didn't search hard enough).

> At any rate, The only official source of "who is the maintainer" is
> /gd/gnuorg/maintainers on (which does list Gavin).  I
> know that file is not available from the outside (intentionally -- rms's
> decision many years ago), but still, that is the reality.
> Anyway, the answer is yes, it is ok and expected that the release
> tarball is signed by Gavin.

Thanks, normally it is difficult to find a canonical list of the
maintainers' keys of the project, but I thought that savannah list
is my best bet.

Maybe the keys of the maintainers from the /gd/gnuorg/maintainers
could be exported automatically to some keyring? (No idea why
it is so secret).

Alternatively, maybe if the keys were cross-signed among the maintainers...
Gavin's key was pretty fresh, had no signatures and had some fancy 
account behind it (apologies to Gavin). So I thought I'd rather ask.

Thank you for your time!


reply via email to

[Prev in Thread] Current Thread [Next in Thread]