doc: split and add checks to issue templates according to responsibilities

Signed-off-by: Levente Polyak <anthraxx@archlinux.org>

doc: split and add checks to issue templates according to responsibilities
Signed-off-by: Levente Polyak <anthraxx@archlinux.org>
feab8a68 · Levente Polyak · 71a5af7f · feab8a68 · feab8a68
Verified Commit feab8a68 authored Apr 29, 2021 by Levente Polyak 🚀
--- a/.gitlab/issue_templates/New Main Key.md
+++ b/.gitlab/issue_templates/New Main Key.md
@@ -26,11 +26,29 @@ https://www.gnupg.org/gph/en/manual/x135.html

 ## Checks

+### New key owner
+
 - [ ] The [workflow for adding a new main
  key](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows/add-a-new-main-key)
  has been followed
+- [ ] The key pair has been validated according to the [best
+  practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
 - [ ] The data in the [Details](#details) section is attached to this issue as
  a clearsigned document
- [ ] The revocation certificate holder verified the revocation certificate as
-  working in a comment to this issue
+- [ ] The revocation certificate has been sent in an encrypted message to the
+  revocation certificate holder
 - [ ] The public key has been uploaded to the SKS infrastructure
+
+### Keyring maintainer
+
+- [ ] The key pair has been validated according to the [best
+  practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
+- [ ] The data in the [Details](#details) section is correct and signed with a
+  valid and trusted packager key, which is part of `pacman-key`
+
+### Revocation Certificate Holder
+
+- [ ] The revocation certificate has been [verified
+  as working](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows/verify-a-revocation-certificate)
+  and confirmed in a comment to this issue
+- [ ] The revocation certificate has been backed up in a dedicated encrypted backup storage
--- a/.gitlab/issue_templates/New Packager Key.md
+++ b/.gitlab/issue_templates/New Packager Key.md
@@ -33,10 +33,25 @@ needs to do the signature.

 ## Checks

+### New key owner
+
 - [ ] The [workflow for adding a new packager
  key](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/workflows/add-a-new-packager-key)
  has been followed
+- [ ] The key pair contains one user ID with a valid `<username>@archlinux.org` email address
+  used for signing
+- [ ] The key pair has been validated according to the [best
+  practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
 - [ ] The data in the [Details](#details) section is attached to this issue as
  a clearsigned document
 - [ ] The public key has been uploaded to the SKS infrastructure
 - [ ] The public key has been signed by at least three valid main keys
+
+### Keyring maintainer
+
+- [ ] The key pair contains one user ID with a valid `<username>@archlinux.org` email address
+  used for signing
+- [ ] The key pair has been validated according to the [best
+  practices](https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/wikis/best-practices#validating-a-key-pair)
+- [ ] The data in the [Details](#details) section is correct and signed with a
+  valid and trusted packager key, which is part of `pacman-key`