[pkg-gnupg-maint] notes from pkg-gnupg-maint BoF at DebConf15

Daniel Kahn Gillmor dkg at fifthhorseman.net
Wed Aug 19 08:59:46 UTC 2015 

Hi folks--

Below are the notes from the pkg-gnupg-maint BoF in DebConf15.

Please give a shout if you have any particular concerns or additions.

Happy hacking,

      --dkg

-------------- next part --------------
GnuPG Packaging BoF -- DebConf15

plans
-----
* cutover (gpg2??gpg) in experimental
* debian-installer (udebs ? gnupg2)
* NEWS.Debian about differences (keybox vs. traditional keyring, etc)
* gpg 1.4 ? minimized debian/rules

open questions
--------------
* package naming
 * binary package: 
     * gnupg 1.4 package should be called "gnupg-legacy"
     * werner prefers /usr/bin/gpg
     * should we consider changing the diagnostic string?
 * source package rename: 
     * git repos?
     * bts?
     * good for bootstrapping (minorly)
* hkps.pool.sks-keyservers.net
  * revocations?
  * separate package for CA?
  * talk to Kristian
  * send this upstream!
* ksba/gcrypt adoption?
	* maybe libksba, but we're definitely leaving gcrypt with andreas for now.
* gnupg-docs
	* drop this from debian
* udev rules for smartcards
	* Upstream: remove smartcard support from gnupg 1.4.x
	* move udev rules to scdaemon during cutover
	* longer-term: move udev rules to udev package -- if they aren't responsive, continue shipping in scdaemon, or ship a separate udev rules
		* Simon Josefsson
* divergence from upstream -- how to decide? how to triage?
* autopkgtest

ongoing work
------------
* bug triage
 * anibal will triage 1 bug
* encouraging other participation
* relationship with upstream
* backports
	* should backport handle the path swap?

hardening
---------
* privilege-dropping/hardening -- apparmor for gpg-agent
* gpg-agent prompting per-use (to facilitate isolation)

cutover
-------
* gpg1 binary names
* symlink inside udeb
* drop binary names patch from gpg2
   ---- upload ----
* move udebs from v1 to v2
* move udev rules
 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 948 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnupg-maint/attachments/20150819/e108c824/attachment-0001.sig>

More information about the pkg-gnupg-maint mailing list