Debian Project Leader election 2019: First call for votes

classic Classic list List threaded Threaded
25 messages Options
12
Reply | Threaded
Open this post in threaded view
|

Re: Failing GPG key (was: Re: Debian Project Leader election 2019: First call for votes)

Mathias Behrle-10
* Gunnar Wolf: " Re: Failing GPG key (was: Re: Debian Project Leader election
  2019: First call for votes)" (Tue, 9 Apr 2019 21:58:43 -0500):

Hi Gunnar,

> <hat id="keyring-maint">
> FWIW, I already sent Mathias a private mail about this, as he also
> asked this privately :) But this seems to be of general interest, so...

Thanks a lot, I am answering here then.

>> - What about DDs being approved just during the voting period? They should
>>   clearly be able to vote.
>> - What about DDs losing their right during the voting period? Should their
>>   ballots be valid?  
>
> Right. I am aware of both cases (well, of the second; given that key
> addition is one of the last steps of an account creation, the first
> case is basically impossible).

Why is the first case impossible? Because DAM doesn't process accounts during
vote periods?

> We often did an upload on the day just
> before a call for votes (we didn't this time, as we have adopted
> during last year a time-based cycle which seems to work well and
> reliably; keyring gets updated on the 24-25 every month).
>
> As I said on the private mail: I am set to do the April keyring
> upload. If the Secretary acknowledges this will cause no unforseen
> effects on the already tallied votes, I see no issues with doing it a
> couple of days earlier. But I am not familiar with devotee or other
> issues that might rise, and I don't want to break vote processing for
> others.
Looking forward to the response of Secretary and thanks for the explanations!

Mathias

--

    Mathias Behrle
    PGP/GnuPG key availabable from any keyserver, ID: 0xD6D09BE48405BBF6
    AC29 7E5C 46B9 D0B6 1C71  7681 D6D0 9BE4 8405 BBF6

attachment0 (884 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Failing GPG key (was: Re: Debian Project Leader election 2019: First call for votes)

Jonathan Wiltshire via nm
In reply to this post by Mathias Behrle-10
On Tue, Apr 09, 2019 at 04:02:58PM +0200, Mathias Behrle wrote:
> If so then I think there is a clear gap in the procedures.
>
> - What about DDs being approved just during the voting period? They should
>   clearly be able to vote.

For the avoidance of doubt and just for the record, we (DAMs) co-ordinate
with the keyring maintainers to complete one final sync of the electorate
before the ballot is called. We then make no further changes during the
vote period unless:

> - What about DDs losing their right during the voting period? Should their
>   ballots be valid?

... this happens, which has never yet as far as I know. There are two
possibilities: removal of a DD - we'd have to deal with that as the
cirumstances demand; or retirement, which would not be processed until
after the vote has finished.


--
Jonathan Wiltshire                                      [hidden email]
Debian Developer                         http://people.debian.org/~jmw

4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC  74C3 5394 479D D352 4C51

Reply | Threaded
Open this post in threaded view
|

Re: Failing GPG key (was: Re: Debian Project Leader election 2019: First call for votes)

Adriano Rafael Gomes-4
In reply to this post by Mathias Behrle-10
On Tue, Apr 09, 2019 at 10:19:10AM +0200, Mathias Behrle wrote:

>Hi all,
>
>I have set up an expiry on my GPG key:
>- originally set to 2019-04-07
>- updated on 2019-04-08 to 2021-04-06 and pushed to various keyservers
>  including keyring.debian.org.
>
>But nevertheless my ballot is rejected, because obviously the old key is used
>(s. the error report below).
>
>What can I do to get my ballot tested against my actual updated key?
Hi Mathias,

I'm in a similar situation, and I've managed to get my vote accepted
using my masterkey instead of my subkey to sign my vote.

signature.asc (849 bytes) Download Attachment
Reply | Threaded
Open this post in threaded view
|

Re: Failing GPG key (was: Re: Debian Project Leader election 2019: First call for votes)

Mathias Behrle-10
* Adriano Rafael Gomes: " Re: Failing GPG key (was: Re: Debian Project Leader
  election 2019: First call for votes)" (Fri, 19 Apr 2019 00:44:26 -0300):

> On Tue, Apr 09, 2019 at 10:19:10AM +0200, Mathias Behrle wrote:
> >Hi all,
> >
> >I have set up an expiry on my GPG key:
> >- originally set to 2019-04-07
> >- updated on 2019-04-08 to 2021-04-06 and pushed to various keyservers
> >  including keyring.debian.org.
> >
> >But nevertheless my ballot is rejected, because obviously the old key is used
> >(s. the error report below).
> >
> >What can I do to get my ballot tested against my actual updated key?  
>
> Hi Mathias,
>
> I'm in a similar situation, and I've managed to get my vote accepted
> using my masterkey instead of my subkey to sign my vote.

Hi Adriano,

there was a recent keyring update just in time so I could vote without problems
in the meantime. Perhaps this also solved your problem or did you not set an
expiry on your master key?

Cheers


--

    Mathias Behrle
    PGP/GnuPG key availabable from any keyserver, ID: 0xD6D09BE48405BBF6
    AC29 7E5C 46B9 D0B6 1C71  7681 D6D0 9BE4 8405 BBF6

Reply | Threaded
Open this post in threaded view
|

Re: Failing GPG key (was: Re: Debian Project Leader election 2019: First call for votes)

Adriano Rafael Gomes-4
On Fri, Apr 19, 2019 at 11:06:16AM +0200, Mathias Behrle wrote:
>Hi Adriano,
>
>there was a recent keyring update just in time so I could vote without problems
>in the meantime. Perhaps this also solved your problem or did you not set an
>expiry on your master key?
>
>Cheers

TL;DR I'm happy my vote was accepted, so no further action is required.

FWIW, I believe the copy of my key in the keyring was not up to date as
yesterday, when I voted: the master key was not expired, but the subkey
was expired in that copy of the key.

I updated the expiry of the subkey on February, and I *believe* I have
updated the keyservers network, and keyring.d.o with the new expiry
date, but probably I forgot something, only the logs could tell.

In any case, yesterday I sent my key to keyring.d.o again.

Thanks and sorry for the noise.

signature.asc (849 bytes) Download Attachment
12