debian mentors/ glossary/ GPG

GNU Privacy Guard

The GNU Privacy Guard (usually just called GPG), is a public key encryption program that is widely used in the Open Source software community.

It allows files to be signed by a key, so that there is a reasonable assurance that the file you receive came from the person it claims to be from.

This is important for Debian, as all uploads to the distribution must be signed by the GPG key of a DebianDeveloper. This allows Debian to work in the way it does, as a decentralised community spread all over the world.

If you wish to enter the NewMaintainerProcess, you will need a GPG key. You will also need to have it signed by an existing DD, so that there is a trust path from Debian to you, and a way of tying your online identity to a real person.