Comment 1 for bug 374395
Revision history for this message
| Celso Providelo (cprov) wrote Re: New PPAs can be published unsigned | #1 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
35a32c5
(Get the code!)
Yes, key generation will happen within 20 min (as the publishing) but gpg keys take about 4 minutes long to be generated, so if the user creates a PPA and uploads a source in its first 20 minutes of life it's very likely that it will be published unsigned.
Assuming PPAs are supposed to be always signed, we can delay publications until the signing key gets created. This can be done by activating PPA with the 'publish' flag set to False, and including code to set it to True in the signing-key generation step.