-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Marek Marczykowski-Górecki:
> On Fri, Sep 13, 2019 at 06:08:39PM +0200, Achim Patzner wrote:
>> Hi!
>
>> Is the setup script for builder.conf in qubes-builder still maintained?
>> If so, adding fc30
>
> In fact, setup script gets it from example-config/templates.conf. Added.
>
>> and getting rid of the forced use of the MIT PGP key
>> server might be necessary.
>
> That's a bit trickier. We need some key server, and recently the whole
> WoT basically got broken... From what I understand, we are supposed to
> use
keys.openpgp.org now. But it looks like there is email verification
> to upload the whole key (gpg2 doesn't like keys without any UID).
> So, I see two options:
> - switch to
keys.openpgp.org and ask everyone mentioned in
> qubes-builder (Patrick in practice) to upload keys there
> - distribute keys as files
Given that the resent events were mostly triggered by the fact that the
key import of GnuPG is, let's say, a bit brittle, I think we should
include the complete keys.
Of course this has the downside that you need to remember to update
them. OTOH this is just qubes-builder so the fallout of forgetting this
should be rather small.
Simon
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE3E8ezGzG3N1CTQ//kO9xfO/xly8FAl17/noACgkQkO9xfO/x
ly+oPg/9F2+MHlLlFCXI85tFXc5G/g9otCDua7f8cHV9aaPZxtL0aMWokmsI871I
YnuSeblXS6gdP6tz0Bg6aIabzf6k2tn/nTq0hxT+9H3MDcg7xn3fOtLWIm6C6BQf
4A4U0TAdD1HnhiQfLRgRb7/dESVUZcyseXLOwHyrEJUdHbtcpxFmA6iiXdcDjQuS
THHrYIsgZudMOmLMsqFnJKCPX8lZ/PDQcOWBPd9gqz6F+IQ7ryO12MSmILmgaex8
uoULMAU03EtkAM8s7mxA/uoRrcWo8BN4GNL7yxSwCHVSAJ9kjNnGnU7QSAc2+QZx
YTUJFtOecYEccCpgFVfFZEr5+Gzy5yQmhHaZr2n+xFgYqcvx1NKUfxfgSOA7hC7L
gVQRMZtthmcwyGP+yLfTiUoGvVRytttZsuytCZqWV+hHfZo3hjhX24bbAo956WP2
pE3ns/xk1OSF2kKhHlA1CuPUr/LPpfHwwk4XZwdVCvwxAIwL4FLHUvhk5tKYfU2O
ipjqon6ZjQH346RGMftdXxJ3kt5eN6+4BCF3TkwJg47wW9SKWJMqRfdXCBOQc7di
mY+aVgpuEaVlK1IefqpF5FdOTMcalNM2jkkzWbGIRYOOshdbu/hYRzO9SJDzrzws
T9ephww+SL+ynjiXwnTDo8d2whEl9Bq0I7Jyq03SMmQVOSSkuSA=
=9ZGk
-----END PGP SIGNATURE-----