On Thu, Sep 29, 2011 at 01:26:25PM -0400, Mike Frysinger wrote:
> On Thursday, September 29, 2011 12:48:35 Mr. Aaron W. Swenson wrote:
> Well, there's a bit more to it than that. 'repoman' must enforce the
> usage of keys or die if it can't.
>
> there are already bugs open for this. 298605 and 313601. if you want to
> accelerate things, then chip in and update repoman.
>
> > Also, the Dev Handbook only says 'can', it needs to be changed to
> > 'must'.
>
> that is the summary of the article which describes what the page is for,
> not the policy it enforces.
>

I guess I'm getting ahead of myself. We keep referencing that page saying
"here's how you should do it", but then we shoot ourselves in the foot
saying that it isn't policy in the next breath.

> > I'd also drop the bit about expiration. Instead, I'd change it to read
> > "expires no sooner than 6 months". You know, to give the key a moment
> > to be recognized by some people, perhaps even marginally trusted by
> > someone.
>
> i'm fine with extending the length of the key. i think last time this
> came up, so was everyone else. the point was more disallowing keys that
> never expire.

I agree with that. The key should have an expiration. (I said something
different to Mr. Vroon not too long ago.) We don't want a trusted key
sticking around forever after a dev leaves us. It should be long enough to
not be an inconvenience. Five years is the general recommendation. I'd say
the average Gentoo Dev lifespan. (Do we even have stats on that?)

> but this doesn't stop anyone from signing their manifests today.

No, it certainly doesn't.

> > What really matters is that it is an unexpired, valid key.
>
> no, what matters is that the key is unexpired/valid at the time the
> signature was made, and not revoked after that (simply because it
> expired ... revoking because of compromise is obviously OK).

That's what I meant.

--
Mr. Aaron W. Swenson
Pseudonym: TitanOfOld
Gentoo Developer
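The distinction Mike draws above (the key must be valid when the signature was made; expiring later is fine, a later revocation for compromise is not) is easy to get wrong in a verifier that only asks "is this key valid right now?". The following is an added example, not code from the thread, from repoman or from gpg: it models that rule over a constructed KeyRecord type, and adds the "must expire, no sooner than six months" policy check the thread discusses. The RevocationReason values, the KeyRecord fields, the 183-day minimum and all key ids and dates are assumptions made for illustration.

```python
"""
Added example (not part of the original mailing-list thread): a model of
the signature-validity rule discussed there. A signature is accepted when
the key existed, was unexpired and was unrevoked at the moment of signing;
the key expiring later does not invalidate it, a later revocation for
compromise does. KeyRecord/RevocationReason are constructed stand-ins,
not gpg's data structures.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum
from typing import Optional, Tuple


class RevocationReason(Enum):
    """Why a key was revoked (loosely modelled on the reasons OpenPGP lets a revoker state)."""
    COMPROMISED = "compromised"   # private key material may be in someone else's hands
    SUPERSEDED = "superseded"     # replaced by a new key; the old one was still honest
    RETIRED = "retired"           # no longer used, e.g. the owner left or it ran out


@dataclass
class KeyRecord:
    """Constructed stand-in for the metadata a verifier would read from a keyring."""
    key_id: str
    created: datetime
    expires: Optional[datetime]             # None models a key that never expires
    revoked_at: Optional[datetime] = None
    revocation_reason: Optional[RevocationReason] = None


def signature_is_trustworthy(key: KeyRecord, signed_at: datetime) -> Tuple[bool, str]:
    """Apply the rule: valid at signing time, and not revoked-for-compromise afterwards."""
    if signed_at < key.created:
        return False, "signature predates the key"
    # The thread's policy point: keys that never expire are not accepted at all.
    if key.expires is None:
        return False, "key never expires (not allowed by policy)"
    if signed_at >= key.expires:
        return False, "key had already expired when the signature was made"
    if key.revoked_at is not None:
        if key.revoked_at <= signed_at:
            return False, "key was already revoked when the signature was made"
        if key.revocation_reason is RevocationReason.COMPROMISED:
            # We cannot know when the compromise actually happened, so an
            # older signature from a compromised key is not trusted either.
            return False, "key was later revoked as compromised"
        # Revoked later for a benign reason: the earlier signature still stands.
        return True, "key revoked after signing for a non-compromise reason"
    # Expiring after the signature was made is the normal lifecycle; no problem.
    return True, "key was valid at signing time"


def key_meets_expiry_policy(key: KeyRecord, minimum: timedelta = timedelta(days=183)) -> bool:
    """Policy check suggested in the thread: the key must expire, and no sooner
    than roughly six months after creation (183 days is an assumed value)."""
    return key.expires is not None and key.expires - key.created >= minimum


def utc(year: int, month: int, day: int) -> datetime:
    """Small helper so the constructed dates below are all timezone-aware UTC."""
    return datetime(year, month, day, tzinfo=timezone.utc)


if __name__ == "__main__":
    # Constructed scenario: a one-year key, a signature made midway through its life.
    key = KeyRecord("0xEXAMPLE", created=utc(2011, 1, 1), expires=utc(2012, 1, 1))
    print(signature_is_trustworthy(key, utc(2011, 6, 1)))   # accepted, although the key has since expired
    print(signature_is_trustworthy(key, utc(2012, 6, 1)))   # rejected: already expired when signed
    compromised = KeyRecord("0xEXAMPLE", utc(2011, 1, 1), utc(2012, 1, 1),
                            revoked_at=utc(2011, 9, 1),
                            revocation_reason=RevocationReason.COMPROMISED)
    print(signature_is_trustworthy(compromised, utc(2011, 6, 1)))  # rejected: revoked as compromised
    print(key_meets_expiry_policy(key))                             # True: one year >= six months
```

The function deliberately takes the signing time rather than "now": a Manifest verifier that compares the key's expiry against the current clock will start rejecting every signature the day the key expires, which is exactly the failure the thread is arguing against.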