Comment 15 for bug 2043448

Hi, I saw that Laider addressed the last remaining issue called here (the specific debian/copyright Indicator Weather copy-paste typo); reviewing only this change compared to 1.7, I sponsored the delta.

Since this is a new package and the first time I am sponsporing it, I took a wider look and noted the following opportunities for improvement:
 * the control file lists Isaac as original maintainer with his Canonical address; this should be removed
 * I've personally just now subscribed to the nemos-team@LP mailing-list, perhaps Laider and others should too
 * description of the package is a bit terse, should mention that it is used to sign the boot in generated images for the NemOS project
 * subjective/personal perspective: I suspect this is broken down into too many very small packages; could probably be just a single package
 * there is no explanation/documentation for the Provides; this is likely a case of someone being able to craft their own key-carrying deb and host that privately (would need to think of hosting this so that only CI/CD for image generation could get access to the private key!)
 * there is no documentation as to where the pre-built files (rsa2048_private.pem, rsa2048_public.pem, u-boot-signature.dtsi) are coming from, nor how these were generated; these are fairly obvious (perhaps the u-boot device tree source snippet a bit less), but would seem useful