From 848f05ee39ce74ed77b065b215fbbefc6aa4532c Mon Sep 17 00:00:00 2001
From: Guillem Jover SHA512SUMS.sign
). The keys used for these signatures are
-all in the Debian GPG keyring
+all in the Debian OpenPGP keyring
and the best way to check them is to use that keyring to validate via
the web of trust. To make life easier for people who don't have ready
access to an existing Debian machine, here are details of the keys
diff --git a/english/devel/buildd/operation.wml b/english/devel/buildd/operation.wml
index 5ce56fc8e29..5ca652114d1 100644
--- a/english/devel/buildd/operation.wml
+++ b/english/devel/buildd/operation.wml
@@ -60,7 +60,7 @@ process if no errors happen. There are two good reasons for not
further automating this: First, sometimes builds end with an ``OK''
result but the build nevertheless failed for reasons that are
invisible to the machine. And second, directly uploading would require
-to automatically PGP-sign the resulting files with a key without
+to automatically OpenPGP-sign the resulting files with a key without
passphrase on the build machine. I considered this an unacceptable
security hole.
diff --git a/english/devel/index.wml b/english/devel/index.wml
index adce38691d2..783039d1347 100644
--- a/english/devel/index.wml
+++ b/english/devel/index.wml
@@ -34,7 +34,7 @@
Advocate this application
page. Enter your Debian login
and press the Advocate
button. You then will receive an e-mail with an
-auth key which you have to return PGP/GPG signed. After this, the
+auth key which you have to return OpenPGP signed. After this, the
Applicant is added to the queue for an Application Manager with whom
they will go through all steps of the New Member checks.
If the Applicant's location makes it impossible to get a key signed by another Debian Developer, a scanned photo of their drivers license - or passport signed with their GPG key can be accepted as an alternative + or passport signed with their OpenPGP key can be accepted as an alternative method of identification.
diff --git a/english/devel/join/nm-step2.wml b/english/devel/join/nm-step2.wml index e85b971d141..0fec6984e9a 100644 --- a/english/devel/join/nm-step2.wml +++ b/english/devel/join/nm-step2.wml @@ -14,7 +14,7 @@ href="newmaint#Member">Debian members are located all over the world (see the developer locations) and rarely meet each other in person. This means trust cannot be built up by personal contact and other means are necessary. All Debian developers -are identified by their OpenPGP +are identified by their OpenPGP key. These keys make it possible to authenticate messages and other data by signing it. For more information on OpenPGP keys see the README file in thedebian-keyring
package.
diff --git a/english/devel/people.wml b/english/devel/people.wml
index 498063eef4e..8ad7530271e 100644
--- a/english/devel/people.wml
+++ b/english/devel/people.wml
@@ -8,7 +8,7 @@
managed. A broader list of Debian contributors can be found on
contributors.debian.org.
-GPG/PGP keys of package maintainers can be downloaded from +
OpenPGP keys of package maintainers can be downloaded from here.
diff --git a/english/devel/tech-ctte.wml b/english/devel/tech-ctte.wml index 1fe0c94a3b6..d7072c1f82a 100644 --- a/english/devel/tech-ctte.wml +++ b/english/devel/tech-ctte.wml @@ -80,7 +80,7 @@ which makes the final decision on technical disputes in the Debian project.Since a lot of developers meet at trade shows or conferences they -have become a nice way to get other people sign ones GnuPG key and +have become a nice way to get other people sign ones OpenPGP key and improve the web of trust. Especially for people who are new to the project, keysigning and meeting other developers has been very interesting.
@@ -12,7 +12,7 @@ session. Note that all examples usekeyring.debian.org
as
the keyserver. If the key in question is not in the Debian keyring,
replace keyring.debian.org
with a public
keyserver like wwwkeys.pgp.net
(which despite the name
-also stores GnuPG keys.)
+also stores OpenPGP keys.)
People should only sign a key under at least two conditions:
@@ -37,15 +37,15 @@ Most importantly, if the key owner is not actively participating in the exchange, you won't be able to complete either requisite 1 or 2. Nobody can complete the key owner's part of requisite 1 on the key owner's behalf, because otherwise anyone with a stolen ID card could -easily get a PGP key to go with it by pretending to be an agent of the +easily get an OpenPGP key to go with it by pretending to be an agent of the keyowner. Nobody can complete the key owner's part of requisite 2 on the key owner's behalf, since the agent could substitute the -fingerprint for a different PGP key with the key owner's name on it +fingerprint for a different OpenPGP key with the key owner's name on it and get someone to sign the wrong key.gpg --gen-key
.
+gpg --gen-key
.
The signing-party Debian package provides some tools to help you with -this process. gpg-key2ps turns a GnuPG key into a PostScript +this process. gpg-key2ps turns an OpenPGP key into a PostScript file to print paper slips with your fingerprint, and gpg-mailkeys will email a signed key to its author. The package also includes caff which is a more advanced tool. See the diff --git a/english/events/material.wml b/english/events/material.wml index 98e6a5d2466..a251aa95f74 100644 --- a/english/events/material.wml +++ b/english/events/material.wml @@ -172,7 +172,7 @@ coordinators during social events can exchange their business cards. Giving out business cards with the Debian logo contributes to Debian's image and is useful for handing out important information that you usually have to scribble down on paper (such as email address, -your GPG fingerprint...).
+your OpenPGP key fingerprint...).There is a prototype for
business cards which you can use. Customizing it is easy since you only have
diff --git a/english/intro/organization.data b/english/intro/organization.data
index acd3c3c0064..008916dc5a1 100644
--- a/english/intro/organization.data
+++ b/english/intro/organization.data
@@ -206,7 +206,7 @@ transitional (elected or appointed with a certain expiration date).
-B
you can use
parts of the package (but that is usually useless since they are already
available in the archive, and building them may require additional
dependencies). You can add
--uc
to avoid signing the package with your pgp key.
+-uc
to avoid signing the package with your OpenPGP key.
Building may needed additional installed packages. The simplest way it to run diff --git a/english/security/faq.wml b/english/security/faq.wml index b7215959deb..fbce4753ea2 100644 --- a/english/security/faq.wml +++ b/english/security/faq.wml @@ -167,7 +167,7 @@
If desired, email can be encrypted with the Debian Security Contact key (key ID \ - 0x0D59D2B15144766A14D241C66BAF400B05C3E651). For the PGP/GPG keys of individual team members, please + 0x0D59D2B15144766A14D241C66BAF400B05C3E651). For the OpenPGP keys of individual team members, please refer to the keyring.debian.org keyserver.
-- cgit v1.2.3