endorse_key.html

{% extends "process/nm2-base.html" %}
{% load nm %}
{% load i18n %}

{% block content %}

<h1>{% blocktrans with person=person.fullname %}Endorse {{person}}'s key{% endblocktrans %}</h1>

<p>{% blocktrans with fpr=fpr.fpr|fingerprint name=person.fullname %}
You can use this page to post a public statement, signed with your own
GPG key, witnessing that you have interacted with {{name}} using the key
{{ fpr }}.{% endblocktrans %}</p>

<p>{% blocktrans %}Endorsement of an identity is not an advocacy for membership. You are not stating
that the person should be a Debian Member or a Debian Maintainer, but rather that the
applicant interacted with you and worked together with you, and that for
these interactions they relied on the endorsed key as their identity. The
following paragraph is a rough example of what an endorsement could be. Feel
free to use it as a template to write yours.{% endblocktrans %}</p>

{% language 'en' %}
{% with person=person.fullname fpr=fpr.fpr|fingerprint email=person.email %}
<p><pre>For nm.debian.org, at {{now|date:"Y-m-d"}}:
For the past X months, I have worked with {{person}} on XXX and YYY.

For this past work, {{person}} sent mails using the email address {{email}}
which is the one they're using on nm.debian.org, and they signed their work and
email using a GPG key with fingerprint {{fpr}}.

I've made sure that they are able to decrypt encrypted messages sent to this key
and that they're able to sign messages with the same key.

Due to the long-term interactions we had, I'm convinced that {{person}} as they
present themselves on nm.debian.org is the rightful owner of both email
{{email}} and GPG key {{fpr}}.
</pre></p>
{% endwith %}
{% endlanguage %}

<p>{% blocktrans with name=person.fullname %}Endorsements are not intended to be long-term. If, at a later date,
{{ name }} wishes to apply for another status in the project, the key
should be endorsed again with updated information.
{% endblocktrans %}</p>

<p>{% trans "Use the following command to create the signed statement:" %}<br>
    <code>gpg --clearsign --default-key {{ endorsing_fpr }}</code></p>

<p>{% trans "Handy command lines:" %}
<ul>
  <li><code>gpg --clearsign --default-key {{endorsing_fpr}} | xclip</code></li>
  <li><code>gpg --clearsign --default-key {{endorsing_fpr}} | xclip -selection clipboard</code></li>
</ul>
</p>

<p>{% blocktrans %}It is a good idea to include some context information like
the date and nm.debian.org in the text, in case someone tries to reuse the
signed statement somewhere else.{% endblocktrans %}</p>

<p>{% blocktrans with fpr=endorsing_fpr|fingerprint %}The signature will be verified using the key {{ fpr }}{% endblocktrans %}</p>

<p>{% blocktrans with visitor=user.fullname%}The statement will be sent to <a href="https://lists.debian.org/debian-newmaint">debian-newmaint</a> as <code>{{visitor}}{% endblocktrans %}
    {% if "edit_email" in visit_perms %}
      <a href="{% url 'person:edit_email' key=user.lookup_key %}">&lt;{{user.email}}&gt;</a></code>.
    {% else %}
      &lt;{{user.email}}&gt;</code>.
    {% endif %}
</p>

<form action="" method="post">{% csrf_token %}
  {% for hidden in form.hidden_fields %}{{ hidden }}{% endfor %}
  {% for field in form.visible_fields %}
  {{ field.label_tag }}<br>
  {{ field }}<br>
  {{ field.errors }}
  {% endfor %}
  {{ form.non_field_errors }}
  <button class="btn btn-primary" type="submit">{% trans "Submit" %}</button>
</form>

{% endblock %}