Debian Bug report logs - #1101418
debian-keyring: Update OpenPGP nomenclature usage

version graph

Package: debian-keyring; Maintainer for debian-keyring is Debian Keyring Maintainers <[email protected]>; Source for debian-keyring is src:debian-keyring (PTS, buildd, popcon).

Reported by: Guillem Jover <[email protected]>

Date: Thu, 27 Mar 2025 09:15:01 UTC

Severity: wishlist

Tags: patch

Found in version debian-keyring/2025.03.23

Full log

🔗 View this message in rfc822 format

X-Loop: [email protected]
Subject: Bug#1101418: [PATCH dsa-puppet] Add keyrings symlinks with pgp extension
Reply-To: Guillem Jover <[email protected]>, [email protected]
Resent-From: Guillem Jover <[email protected]>
Resent-To: [email protected]
Resent-CC: Debian Keyring Maintainers <[email protected]>
X-Loop: [email protected]
Resent-Date: Fri, 11 Apr 2025 00:03:01 +0000
Resent-Message-ID: <[email protected]>
Resent-Sender: [email protected]
X-Debian-PR-Message: followup 1101418
X-Debian-PR-Package: debian-keyring
X-Debian-PR-Keywords: patch
References: <[email protected]>
X-Debian-PR-Source: debian-keyring
Received: via spool by [email protected] id=B1101418.17443295672447187
          (code B ref 1101418); Fri, 11 Apr 2025 00:03:01 +0000
Received: (at 1101418) by bugs.debian.org; 10 Apr 2025 23:59:27 +0000
X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02
	(2021-04-09) on buxtehude.debian.org
X-Spam-Level: 
X-Spam-Status: No, score=-107.8 required=4.0 tests=ALL_TRUSTED,BAYES_00,
	DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,
	FROMDEVELOPER,SPF_HELO_NONE,SPF_NONE,TO_DEBIAN_ADMIN,
	USER_IN_DKIM_WELCOMELIST,USER_IN_DKIM_WHITELIST autolearn=ham
	autolearn_force=no version=3.4.6-bugs.debian.org_2005_01_02
X-Spam-Bayes: score:0.0000 Tokens: new, 30; hammy, 150; neutral, 70; spammy,
	0. spammytokens: hammytokens:0.000-+--Hx-spam-relays-external:36ff,
	0.000-+--H*r:36ff, 0.000-+--H*RT:sk:master., 0.000-+--H*RT:216,
	0.000-+--H*RT:36ff
Received: from master.debian.org ([2001:41b8:202:deb:216:36ff:fe40:4001]:51530)
	from C=NA,ST=NA,L=Ankh Morpork,O=Debian SMTP,OU=Debian SMTP CA,CN=master.debian.org,[email protected] (verified)
	by buxtehude.debian.org with esmtps (TLS1.3:ECDHE_SECP256R1__RSA_PSS_RSAE_SHA256__AES_256_GCM:256)
	(Exim 4.94.2)
	(envelope-from <[email protected]>)
	id 1u31nq-00AGcK-P6
	for [email protected]; Thu, 10 Apr 2025 23:59:26 +0000
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org;
	s=smtpauto.master; h=Content-Type:MIME-Version:Message-ID:Subject:Cc:To:From:
	Date:Reply-To:Content-Transfer-Encoding:Content-ID:Content-Description:
	In-Reply-To:References; bh=NLTgNMgvgaeTha2Y90bSs0DKtPo9JCtPdUHWHSSKHsk=; b=HA
	3QdA7BYSvZpTBdLfqlIQaDmTY3aoSqOfh5s+8NoSOiC6KN3vTBwTm07JArU4P65meAD0esZsKoxhI
	mC1rud/HUaAVCFjQVX/4cKx/HPW8o0zVZzFOB5tTnRKhjy1+zezWFh0nCH+JSN2f7dEwFZ39gci35
	USskAOSbDKMk0QM+0lbEOG4w7upYsfTWyWArqrq9yrFrLceMekDf3m6jRJvbN6Me4ANwi7OI4Uufd
	yDw9So+ufg7p7gevaJ61ocfT/oJ7QtFEXgXAznHdF5BrGP93+3ZoacwP0ffKTzsKNoi9nWLUB1fYc
	35lkQZoGq2XFP4xzKvejdUD0j0TfeIjA==;
Received: from guillem by master.debian.org with local (Exim 4.94.2)
	(envelope-from <[email protected]>)
	id 1u31nn-005zhF-NN; Thu, 10 Apr 2025 23:59:23 +0000
Date: Fri, 11 Apr 2025 01:59:22 +0200
From: Guillem Jover <[email protected]>
To: [email protected]
Cc: [email protected]
Message-ID: <[email protected]>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

These keyrings contain OpenPGP certificates, and are not vendor specific,
so naming them with an extension after GnuPG in detriment to the other
multiple OpenPGP implementations does not promote the interoperability
one would expect from that ecosystem.

Given that these files are API, and will have external references,
we add new symlinks with the .pgp extension using the .gpg ones as
targets, and leaving the keyrings with .gpg extension as is, which
should then be considered deprecated, but should stay until its clear
they are not being used from the Debian infrastructure, and potentially
a transition has been coordinated or announced about their fate for
the rsync endpoints.

This matches the intent after the changes being discussed as part
of <https://bugs.debian.org/1101418>. Where after those changes in
debian-keyring and ones being prepared for userdir-ldap have been
deployed, the symlink targets in dsa-puppet can be changed to use the
canonical .pgp pathnames, with a subsequent patch.
---
 modules/roles/manifests/keyring_debian_org_mirror.pp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/modules/roles/manifests/keyring_debian_org_mirror.pp b/modules/roles/manifests/keyring_debian_org_mirror.pp
index ca3c633be..6fddb3a50 100644
--- a/modules/roles/manifests/keyring_debian_org_mirror.pp
+++ b/modules/roles/manifests/keyring_debian_org_mirror.pp
@@ -6,14 +6,26 @@ class roles::keyring_debian_org_mirror {
 		ensure => 'link',
 		target => '/var/lib/misc/thishost/debian-keyring.gpg'
 	}
+	file { '/srv/keyring.debian.org/keyrings/debian-keyring.pgp':
+		ensure => 'link',
+		target => '/var/lib/misc/thishost/debian-keyring.gpg'
+	}
 	file { '/srv/keyring.debian.org/keyrings/debian-maintainers.gpg':
 		ensure => 'link',
 		target => '/var/lib/misc/thishost/debian-maintainers.gpg'
 	}
+	file { '/srv/keyring.debian.org/keyrings/debian-maintainers.pgp':
+		ensure => 'link',
+		target => '/var/lib/misc/thishost/debian-maintainers.gpg'
+	}
 	file { '/srv/keyring.debian.org/keyrings/debian-nonupload.gpg':
 		ensure => 'link',
 		target => '/var/lib/misc/thishost/debian-nonupload.gpg'
 	}
+	file { '/srv/keyring.debian.org/keyrings/debian-nonupload.pgp':
+		ensure => 'link',
+		target => '/var/lib/misc/thishost/debian-nonupload.gpg'
+	}
 
 	file { '/srv/keyring.debian.org/keyrings/buildd-keyrings':
 		ensure => 'link',
-- 
2.49.0

Send a report that this bug log contains spam.

Debian bug tracking system administrator <[email protected]>. Last modified: Tue May 13 14:35:09 2025; Machine Name: bembo

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU General Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.