Open lazka opened 2 years ago
What are the criteria, responsibilities and requirements for being a master key provider?
Optionally you could also create a second key pair for packaging which you'd need to sign with your master key. This could then be used for signing packages, after being signed by us, uploaded to the keyserver, and added to the keyring.
(edit: and you need to use gnupg and not go crazy)
edit2: https://wiki.archlinux.org/title/GnuPG#Create_a_key_pair
Here are the Arch Linux guides for handling all this: https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows ("Add a new main key" is relevant here)
We currently only have 3 master keys (the minimum amount) which means we need all three to add new packagers.
Ideally we would find more people who are willing to participate.