[prev in list] [next in list] [prev in thread] [next in thread] 

List:       gentoo-dev
Subject:    Re: [gentoo-dev] GLEP proposal: Gentoo GPG key policies
From:       Brian Dolbec <dolsen () gentoo ! org>
Date:       2013-11-11 18:34:52
Message-ID: 1384194892.22694.181.camel () big_daddy ! dol-sen ! ca
[Download RAW message or body]


On Sun, 2013-11-10 at 17:45 -0800, Brian Dolbec wrote:
> On Mon, 2013-11-11 at 00:01 +0000, Robin H. Johnson wrote:
> > Gentoo LDAP:
> > ============
> > All developers must list the complete GPG fingerprint for their root
> > keys in the "gpgfingerprint" LDAP field.
> > 
> > It should be exactly 40 hex digits, uppercase, with optional spaces
> > every 8 hex digits. Regular expression for validation: ^[[:xdigit]]{8}(
> > ?[[:xdigit]]{8}){4}$
> > 
> 
> The problem I can see happening allowing the optional spaces is that
> currently the fingerpint field is a space separated list of
> fingerprints.  In the ldap-seeds code used to generate the
> developer.seeds file.  I am splitting that field data on the spaces to
> get a python list of individual fingerprints.  There are developers that
> have 2 fingerprints listed.  If spaces are to be allowed in the
> fingerprint then we will need to use and enforce a different separator
> to divide the fingerprints.  Currently in gentoo-keys I use the ":" as a
> separator in the gpgkey and fingerprint fields of the seed file.  A "|"
> is used to separate the fields of the seed info.
> 

Forget I said the above.  I should have re-read my code first.  Multiple
fingerprints are already returned as a list from python ldap.  I already
had code in place to condense spaces in the fingerprint before the
checks.

["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]