Key consistency checks

This requirement has been approved by Pierre-Elliott Bécue <peb@debian.org> 3 years, 5 months ago.

This process has been closed by noodles on 2021-12-01: no further modifications are possible.

Potential problems

no UID found that fully satisfies requirements

Every Debian member needs a GPG key of sufficient strength. In addition, all keys should be certified so we can link them to a real-world identity.

The normal requirements are:

the key should be type RSA and version 4 or greater
the key should have the sign, certify and encrypt capabilities (subkeys are encouraged)
the primary cryptographic material should be at least 4096 bits
the UIDs used by an applicant to work in the project should be signed by at least two existing Debian members (1 for DM applications)
as an alternative to the previous requirement, the key can be endorsed (see link at the bottom of the page) by multiple Debian Members (the number of required endorsements depends on the endorsement's age and nature)
pseudonyms or anonymity are acceptable in certain circumstances

If the key does not meet these requirements, and you would struggle to create one which does, contact Front Desk.

Keys are first searched in hkps://keyring.debian.org. If no key is found, then the key will be imported from hkps://keyserver.ubuntu.com/. Please ensure that you have sent your key to Ubuntu's key server. Sending public keys to keyring.debian.org will only work if your key is already in Debian's keyring and will only be taken into account after the Keyring Maintainers updated it. For Debian Maintainers and Developers, please remember to send your key to both servers.

This check will be approved manually by Front Desk as the application progresses.

Key check results

OpenPGP fingerprint	55F4 2477 7155 3528 5CB2 2B7A BB86 1FDE 4046 0F83
Main key	ok (last updated: 2025-05-04 21:08 UTC)
UID Tommi Höynälänmaa <tommi.hoynalanmaa, gmail.com>	ok, 0 non-DD sigs, 0 DD sigs: none
UID Tommi Höynälänmaa <tommi.hoynalanmaa, iki.fi>	ok, 0 non-DD sigs, 0 DD sigs: none

Active key endorsements

Endorsed by

Date

Statement

Actions

timo

2021-11-19
(3 years, 5 months ago)

For nm.debian.org, at 2021-08-31:

I have worked with Tommi in the same company a long time ago and can confirm he has a long, solid Linux background. 

I've interacted with Tommi Höynälanmaa using the email address tommi.hoynalanmaa@gmail.com which is the one they're using on nm.debian.org, and they signed their work and email using a GPG key with fingerprint 55F4 2477 7155 3528 5CB2  2B7A BB86 1FDE 4046 0F83.

I've made sure that they are able to decrypt encrypted messages sent to this key and that they're able to sign messages with the same key.

Due to the long-term interactions we had, I'm convinced that Tommi Höynälänmaa as they present themselves on nm.debian.org is the rightful owner of both email tommi.hoynalanmaa@gmail.com and GPG key 55F4 2477 7155 3528 5CB2  2B7A BB86 1FDE 4046 0F83.

Signed with key 6B85 4D46 E843 3CD7 CDC0 3630 E0F7 59F7 90BD D207

View raw

weinholt

2021-11-14
(3 years, 5 months ago)

For nm.debian.org, at 2021-11-14:
For the past year and a bit more, I have worked with Tommi Höynälänmaa on theme-d and guile-cairo.

For this past work, Tommi Höynälänmaa sent mails using the email address tommi.hoynalanmaa@gmail.com
which is the one they're using on nm.debian.org, and they signed their work and
email using a GPG key with fingerprint 55F4 2477 7155 3528 5CB2  2B7A BB86 1FDE 4046 0F83.

I've made sure that they are able to decrypt encrypted messages sent to this key
and that they're able to sign messages with the same key.

Due to the long-term interactions we had, I'm convinced that Tommi Höynälänmaa as they
present themselves on nm.debian.org is the rightful owner of both email
tommi.hoynalanmaa@gmail.com and GPG key 55F4 2477 7155 3528 5CB2  2B7A BB86 1FDE 4046 0F83.

Signed with key 0827 2FBB 54EE B507 2D5B A930 E33E 61A2 E9B8 C3A2

View raw

Log

Date	Author	Action	Content	Public
2021-11-29 22:31	peb	req_approve	Requirement approved	yes