update information about gpg and t-p-u uploads

git-svn-id: svn://anonscm.debian.org/ddp/manuals/trunk/developers-reference@2615 313b444b-1b9f-4f58-a734-7bb04f332e8d

diff --git a/debian/changelog b/debian/changelog
index b2bef05349ca95ec0d5d5d4f2af513edec6cf981..02f82434fb5641a2821b510e74c3013013e29b8e 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -22,12 +22,13 @@ developers-reference (3.3.5) unstable; urgency=low
     - add hint about -v<version> to experimental. Closes: #232930
     - update information about yada. Closes: #217956
     - urgency is sticky. Closes: #261914
     - add hint about -v<version> to experimental. Closes: #232930
     - update information about yada. Closes: #217956
     - urgency is sticky. Closes: #261914

-    - updated information about testing distribution.
+    - updated information about testing distribution. Closes: #266649.

     - rewrote the NMU section, and
       + made the possible severities of "target bugs" clearer. Closes: #233088.
       + mention QA uploads. Closes: #202416.
       + add -B for binNMUs, and local debsign usage. Closes: #208839.
       + warning about breaking all-packages by binNMU. Closes: #213348.
     - rewrote the NMU section, and
       + made the possible severities of "target bugs" clearer. Closes: #233088.
       + mention QA uploads. Closes: #202416.
       + add -B for binNMUs, and local debsign usage. Closes: #208839.
       + warning about breaking all-packages by binNMU. Closes: #213348.

+    - add information about gpg usage. Closes: #175815.

   * Matt Zimmerman
     - Security uploads get urgency=high
     - Be even more explicit about not uploading security updates
   * Matt Zimmerman
     - Security uploads get urgency=high
     - Be even more explicit about not uploading security updates

diff --git a/developers-reference.sgml b/developers-reference.sgml
index 0745cc39a1b82cbd58d18d7e16fff50165de83f9..48cc70e006d3aecb60d4b9467a8dd9dd8e9966fe 100644 (file)
--- a/developers-reference.sgml
+++ b/developers-reference.sgml
@@ -6,7 +6,7 @@
   <!ENTITY % commondata  SYSTEM "common.ent" > %commondata;
 
   <!-- CVS revision of this document -->
   <!ENTITY % commondata  SYSTEM "common.ent" > %commondata;
 
   <!-- CVS revision of this document -->

-  <!ENTITY cvs-rev "$Revision: 1.243 $">
+  <!ENTITY cvs-rev "$Revision: 1.244 $">

 
   <!-- if you are translating this document, please notate the CVS
        revision of the original developer's reference in cvs-en-rev -->
 
   <!-- if you are translating this document, please notate the CVS
        revision of the original developer's reference in cvs-en-rev -->


@@ -289,6 +289,11 @@ public servers or multiuser machines, such as the Debian servers
 Read the documentation that comes with your software; read the <url
 id="&url-pgp-faq;" name="PGP FAQ">.
        <p>
 Read the documentation that comes with your software; read the <url
 id="&url-pgp-faq;" name="PGP FAQ">.
        <p>

+You need to ensure not only that your key is secure against being stolen,
+but also that it is secure against being lost. Generate and make a copy
+(best also in paper form) of your revocation certificate; this is needed if
+your key is lost.
+       <p>

 If you add signatures to your public key, or add user identities, you
 can update the Debian key ring by sending your key to the key server at
 <tt>&keyserver-host;</tt>.  If you need to add a completely new key,
 If you add signatures to your public key, or add user identities, you
 can update the Debian key ring by sending your key to the key server at
 <tt>&keyserver-host;</tt>.  If you need to add a completely new key,


@@ -3338,6 +3343,24 @@ does not pulls an new dependency in.
 Version numbers are usually selected by adding the codename of the testing
 distribution and a incrementing number, like 1.2sarge1 for the first upload
 through testing-proposed-updates of the package version 1.2.
 Version numbers are usually selected by adding the codename of the testing
 distribution and a incrementing number, like 1.2sarge1 for the first upload
 through testing-proposed-updates of the package version 1.2.

+       <p>
+Please make sure you didn't miss any of these items at your upload:
+<list>
+<item> Make sure that your package really needs to go through
+<em>testing-proposed-uploads</em>, and can't go through unstable;
+<item> Make sure that you included only the minimal amount of changes;
+<item> Make sure that you included an appropriate explaination in the
+changelog;
+<item> Make sure that you've written <em>testing</em> or
+<em>testing-proposed-updates</em> into your target distribution;
+<item> Make sure that you've build and tested your package in
+<em>testing</em>, not in <em>unstable</em>;
+<item> Make sure that your version number is higher than the version in
+<em>testing</em> and <em>testing-proposed-updates</em>, and lower than in
+<em>unstable</em>;
+<item> After uploading and successful build on all platforms, contact the
+release team at &email-debian-release; and ask them to approve your upload.
+</list>

 
 
        <sect1 id="faq">
 
 
        <sect1 id="faq">