-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hi Please make John Scott (currently a Debian Contributor) a Debian Maintainer (advocated by bage). Key D6223890E7C4625B2C1468D1AB181FDB41DD41C4 should be added to the 'Debian Maintainer' keyring. Key fingerprint: D6223890E7C4625B2C1468D1AB181FDB41DD41C4 uid: jscott First name: John Middle name: Lewis Last name: Scott Current status: Debian Contributor Target keyring: Debian Maintainer Forward email: jscott@posteo.net Details: https://nm.debian.org/process/1201/ John Scott has accepted the DMUP in a signed statement. Details from jscott: For nm.debian.org on August 13, 2023: I would like to change my status to be a Debian Maintainer. I've been helping out with different areas in Debian for about eight years, and have most recently ramped up my contributions on packages. I think it is reasonable to ask for uploading privileges for the following source packages: - open-ath9k-htc-firmware This is the package that got me into packaging. Despite the name, it actually builds a Binutils and GCC toolchain at build time and then tosses it in the bin (the compiler is not useful for building anything else). I am a little bit involved with upstream and making sure it is sustainable in the long-term, and have also done very minor things to improve the quality such as adding AppStream metadata that all downstreams can use. - binutils-sh-elf This is a package I introduced and put under the umbrella of the Electronics Team and which has been pretty easy-going and straightforward. - gcc-sh-elf This too is, on paper, maintained with the Electronics Team. This package is one of my more proud achievements: it uses a revolutionary procedure to (despite the source package name) build GCC, Newlib, and a "simulator" from GDB all at the same time, This enables running the GCC test suite, which has caught issues I've reported upstream which have been partly solved. It also has a ton of really cool autopkgtests I'm proud of. My work on gcc-sh-elf is likely to improve other packages with the lessons learned like gcc-arm-none-eabi (which I'm working on right now) and maybe also help get Cygwin into Debian someday. Note that although the *-sh-elf packages are under the Electronics Team umbrella for symmetry, I have in practice been getting sponsorship and review from Bastian Germann and Adrian Glaubitz, the latter of whom takes an interest in the Debian SuperH port. - carl9170fw This is kind of similar to open-ath9k-htc-firmware; they're sister projects of radically different origin. It just got uploaded to NEW, so if anybody feels I'm not ready to have uploading priveliges on this yet I will have no objection. This uses binutils-sh-elf and gcc-sh-elf to cross compile the libre wireless firmware. carl9170fw has already been in Debian for a long time, but I am a strong believer in the intent of Debian Policy which says that we build packages from source. The only reason firmware-linux-free has been an unofficial exception is because folks thought it was too hard and set the severity to non-RC accordingly. With this package, I prove that building free firmware from source is an attainable goal, one I'd like to keep working on my splintering firmware-linux-free out into new source packages. - Newlib I do not have a strong history of working on this package yet either, so if I'm not ready for uploading privileges that's fair. (It's my understanding that what upload privileges I have are flexible and decided by DDs, and need not be decided during the application process. That sounds good.) I did an NMU a while ago that was necessary to make the other packages possible, and now I'm salvaging it. The previous Newlib maintainer consents to my taking it over the package and doing as I see fit with it, which is bringing it into the Electronics Team and making myself the sole uploader. Again, to support my notion of quality and let lessions learned from gcc-sh-elf be extended to other packages, radical changes are coming to Newlib. This is what I plan to work on in the near future. - Monkeysphere I haven't done an upload yet, but I just took over upstream and will take care of downstream too. I see a big future for Monkeysphere by rewriting it and I have gotten several emails already from interested folks who want to *use* it, even folks who don't consider themselves developers. This is in the Privacy Team, but they haven't responded to be, have a LowThresholdNMU policy, and it's been removed from unstable, so especially if I keep it there within the team I think making myself uploader now is justified. I know a thing or two about OpenPGP and already to support the Monkeysphere, I've made the raw RSA key underlying the TLS certificate at johnscott.me a subkey on my OpenPGP key, which proves that the owner of the OpenPGP key and controller of johnscott.me are the same. Check it out! The current situation with the package is complicated, but it's very likely that I'll help out the GnuPG folks. I just emailed Gniibe about whether I can help out with Scute, but since he's also its upstream more or less I don't want to take the privilege from him. As long as it is not used to justify carelessness or a lack of activity, I believe in collaborative maintenance and don't like strong ownership of packages. Of course we have NMUs and the package salvaging process when dealing with packages maintained by folks with different beliefs than I. It's my intent that all packages and projects I maintain welcome even the most frivulous and smallest contributions, even if it's just deleting whitespace. I believe in Debian Policy, the Social Contract, and admire its democratic leadership structure. It's a project I love and have been dreaming of being a member since I was around 13 years old. The last reservation I expect you may have is about my OpenPGP key since I haven't been able to get signatures from anybody. Here in the Midwest USA, it's very hard. However, I use my key for everything everywhere, have for a very long time, and you can check out OPENPGPKEY DNS records at johnscott.me to (with the DNSSEC signature) confirm that I, owner of that domain, do use that OpenPGP key. A technical fluke that has been discussed before is that nm,debian.org may make it look like my key is expiring soon. Unfortunately it is a bug that I'm not able to re-upload or refresh my own key on nm.debian.org, so I am unable to fix this. Anyway, thanks for considering me to be a DM! - -- Thank you, Jonathan McDowell (as Front Desk) -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERUuPEyEc/2gMWDpQ/xYvxc8/utEFAmTiVU8ACgkQ/xYvxc8/ utGJBhAAqaDuFyCi0qQsemMOvQTH3vXMJgfaWU/rH+pl6XVjMZS/yCrn0XKeqSho ohtsrcLtrX7lvkch9WfeuU3uudYKNcd4JdrF30CBcVxmLKmoHscfdciMh3dcqtr5 febE51D0e2HsoRtByambinJ/iF8kSK5A6OZnyfJOaBsfU4fDWiaC1RkHAmtbzzX5 ArLX1Z6yWBB/Y/Pnr8T4fnH+JuinxxJNtN7KPGCSPC889gqAY0HOK44e+INSGlOm v19QwGtdJrg6Q5diUb6r21EXReHHU+fyP6U0uvd3xxUOkg9Q+3HdieJtl1FQhQ2n etuRuXOmLraFo/HAjOlB2O0ToRuv8+jMIFj0RXuERP7JZQqNhmx0/3liXt0wLzNI F0JIuuHOlqpncGyCZTez0J07JlWFyX3Dubk1AMKTQsE0Zi+FA6PvFp+jw+PD8Noy pOIA353XUcHUXFqtaa31i241U0w308paLZBrNgK6QgjG5Fd/BJqBJEF/JP6aK8zF ZMT3+44zvn/wBRdCwaWyJnIj1haDA9MC1RDQ48jrbPoALt/57Y2cN4mhLsB+cxP1 S/X3/bmU2SUJtb4SYwVqx+Fal84ebj3U8By1ddeA6MYrjDX8eUIkJrL/m079kGj5 bGDOEQNl5xuI5fSkIWcbf+N9vq1jKEz4nVbx289+Pi9+2D2F6s0= =C+/g -----END PGP SIGNATURE-----