From 6722f32b629a2b6a6b66a17980b262b697050330 Mon Sep 17 00:00:00 2001
From: aba <aba@313b444b-1b9f-4f58-a734-7bb04f332e8d>
Date: Thu, 7 Oct 2004 19:28:03 +0000
Subject: [PATCH 1/1] update information about gpg and t-p-u uploads

git-svn-id: svn://anonscm.debian.org/ddp/manuals/trunk/developers-reference@2615 313b444b-1b9f-4f58-a734-7bb04f332e8d
---
 debian/changelog          |  3 ++-
 developers-reference.sgml | 25 ++++++++++++++++++++++++-
 2 files changed, 26 insertions(+), 2 deletions(-)

diff --git a/debian/changelog b/debian/changelog
index b2bef05..02f8243 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -22,12 +22,13 @@ developers-reference (3.3.5) unstable; urgency=low
     - add hint about -v<version> to experimental. Closes: #232930
     - update information about yada. Closes: #217956
     - urgency is sticky. Closes: #261914
-    - updated information about testing distribution.
+    - updated information about testing distribution. Closes: #266649.
     - rewrote the NMU section, and
       + made the possible severities of "target bugs" clearer. Closes: #233088.
       + mention QA uploads. Closes: #202416.
       + add -B for binNMUs, and local debsign usage. Closes: #208839.
       + warning about breaking all-packages by binNMU. Closes: #213348.
+    - add information about gpg usage. Closes: #175815.
   * Matt Zimmerman
     - Security uploads get urgency=high
     - Be even more explicit about not uploading security updates
diff --git a/developers-reference.sgml b/developers-reference.sgml
index 0745cc3..48cc70e 100644
--- a/developers-reference.sgml
+++ b/developers-reference.sgml
@@ -6,7 +6,7 @@
   <!ENTITY % commondata  SYSTEM "common.ent" > %commondata;
 
   <!-- CVS revision of this document -->
-  <!ENTITY cvs-rev "$Revision: 1.243 $">
+  <!ENTITY cvs-rev "$Revision: 1.244 $">
 
   <!-- if you are translating this document, please notate the CVS
        revision of the original developer's reference in cvs-en-rev -->
@@ -289,6 +289,11 @@ public servers or multiuser machines, such as the Debian servers
 Read the documentation that comes with your software; read the <url
 id="&url-pgp-faq;" name="PGP FAQ">.
 	<p>
+You need to ensure not only that your key is secure against being stolen,
+but also that it is secure against being lost. Generate and make a copy
+(best also in paper form) of your revocation certificate; this is needed if
+your key is lost.
+	<p>
 If you add signatures to your public key, or add user identities, you
 can update the Debian key ring by sending your key to the key server at
 <tt>&keyserver-host;</tt>.  If you need to add a completely new key,
@@ -3338,6 +3343,24 @@ does not pulls an new dependency in.
 Version numbers are usually selected by adding the codename of the testing
 distribution and a incrementing number, like 1.2sarge1 for the first upload
 through testing-proposed-updates of the package version 1.2.
+	<p>
+Please make sure you didn't miss any of these items at your upload:
+<list>
+<item> Make sure that your package really needs to go through
+<em>testing-proposed-uploads</em>, and can't go through unstable;
+<item> Make sure that you included only the minimal amount of changes;
+<item> Make sure that you included an appropriate explaination in the
+changelog;
+<item> Make sure that you've written <em>testing</em> or
+<em>testing-proposed-updates</em> into your target distribution;
+<item> Make sure that you've build and tested your package in
+<em>testing</em>, not in <em>unstable</em>;
+<item> Make sure that your version number is higher than the version in
+<em>testing</em> and <em>testing-proposed-updates</em>, and lower than in
+<em>unstable</em>;
+<item> After uploading and successful build on all platforms, contact the
+release team at &email-debian-release; and ask them to approve your upload.
+</list>
 
 
 	<sect1 id="faq">
-- 
2.30.2