drop mention of signing with the archive master key: it's not a requirement, and not something the Ubuntu Kylin team can implement (AA has to do this)
spell out auditability requirements
|Deletions are marked like this.||Additions are marked like this.|
|Line 3:||Line 3:|
|* The Ubuntu archive and Ubuntu Security teams act as the auditors for this repository and will have read access to the repository. The Ubuntu archive team may also request the immediate removal of any unsuitable content.|
Ubuntu Kylin archive is designed to provide software co-developed by Ubuntu Kylin team and Chinese commercial companies. Most of these software are only useful for Chinese. Packages developed by Ubuntu Kylin team with GPL/LGPL licenses will be delivered through the regular Ubuntu repository as usual. The management of Ubuntu Kylin archive will follow basic rules as following:
It will be managed and monitored by the Ubuntu Kylin Council. Uploaders must be Ubuntu members and have signed the Ubuntu CoC.
- The Ubuntu archive and Ubuntu Security teams act as the auditors for this repository and will have read access to the repository. The Ubuntu archive team may also request the immediate removal of any unsuitable content.
- Packages must be built in the Canonical-managed Launchpad builders, using the same build chroots as the Ubuntu archive and with no build-dependencies on other PPAs.
- The result will be signed by a GPG key managed by Canonical within the Canonical infrastructure.
- That GPG key must be separate from any other key currently in use.
- Distribution will be done through servers managed by Ubuntu Kylin team which will get its content from a private server on Canonical's network.
Packages in the repository must adhere to the Extension Repository Policy.