> > Do you want to reject signed commits if
> > - keys are not publicly available [1]
>
> We'll need to define what 'public availability' exactly means. Does
> that mean a specific keyserver?

Good point. Although most keyservers synchronize with each other, it might make sense to define an additional location, such as a keyring for download on www.gentoo.org.

> > - keys are revoked [3]
>
> How about manifests signed before the key was revoked?

And what about keys being revoked by a revocation certificate that was generated a long time ago "just in case" (as even our docs recommend)... Yes, I know this is a mess.

--
Andreas K. Huettel
Gentoo Linux developer - kde, sci, arm, tex
dilfridge@g.o
http://www.akhuettel.de/
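The two rejection criteria debated above (key not available in an agreed-upon keyring, key revoked) map directly onto the machine-readable status lines gpg emits on `--status-fd`. The following is an added illustration, not code from the thread or from any Gentoo tooling: it parses such status lines and applies the two criteria, including the optional "signed before revocation" exception that the quoted question raises. The status keywords follow gnupg's doc/DETAILS as I know them; the sample status output, key ids, fingerprints and timestamps are constructed placeholders, and `revoked_at` is assumed to be supplied by whatever policy layer knows when the key was actually revoked.

```python
"""Classify a gpg --status-fd run for a signed manifest or commit.

Added illustration, not part of the original mail or of Gentoo's tooling.
The status lines below are constructed; key ids and fingerprints are
placeholders, not real developer keys.
"""
from dataclasses import dataclass
from typing import Dict, Iterable, List, Optional

# gpg --status-fd keywords used here (gnupg doc/DETAILS):
#   NO_PUBKEY  <keyid>        signature by a key not present in the keyring
#   BADSIG     <keyid> <uid>  signature does not match the data
#   GOODSIG    <keyid> <uid>  good signature, key usable
#   EXPKEYSIG  <keyid> <uid>  good signature, but the key has expired
#   REVKEYSIG  <keyid> <uid>  good signature, but the key is revoked
#   VALIDSIG   <fpr> <date> <sig-ts> <exp-ts> <ver> <rsv> <pk> <hash> <class> <primary-fpr>


@dataclass
class Verdict:
    accept: bool
    reason: str
    key: Optional[str] = None
    signed_at: Optional[int] = None  # signature creation time, epoch seconds


def parse_status(lines: Iterable[str]) -> Dict[str, List[str]]:
    """Turn '[GNUPG:] KEYWORD args...' lines into {KEYWORD: [args...]}.

    Non-status stderr lines are ignored. One signature per run is assumed,
    so a repeated keyword simply overwrites the earlier one.
    """
    fields: Dict[str, List[str]] = {}
    prefix = "[GNUPG:] "
    for raw in lines:
        line = raw.strip()
        if not line.startswith(prefix):
            continue
        parts = line[len(prefix):].split()
        if parts:
            fields[parts[0]] = parts[1:]
    return fields


def evaluate(lines: Iterable[str], revoked_at: Optional[int] = None,
             allow_pre_revocation: bool = False) -> Verdict:
    """Apply the two criteria from the thread to one gpg status run.

    revoked_at: epoch time the key is known to have been revoked (policy input).
    allow_pre_revocation: honour signatures made before revoked_at.
    """
    st = parse_status(lines)
    if "BADSIG" in st:
        return Verdict(False, "signature does not match the data", st["BADSIG"][0])
    if "NO_PUBKEY" in st:
        # Criterion [1]: the key is not in the keyring we treat as authoritative.
        return Verdict(False, "signing key not in the distributed keyring", st["NO_PUBKEY"][0])
    if "VALIDSIG" not in st:
        return Verdict(False, "no verifiable signature found")
    valid = st["VALIDSIG"]
    fpr, signed_at = valid[0], int(valid[2])
    if "REVKEYSIG" in st:
        # Criterion [3]: the key is revoked. The signature itself still
        # verifies, so the decision is a matter of policy, not cryptography.
        if allow_pre_revocation and revoked_at is not None and signed_at < revoked_at:
            return Verdict(True, "key revoked after this signature was made", fpr, signed_at)
        return Verdict(False, "signing key is revoked", fpr, signed_at)
    if "EXPKEYSIG" in st:
        return Verdict(False, "signing key has expired", fpr, signed_at)
    if "GOODSIG" in st:
        return Verdict(True, "good signature from a key in the keyring", fpr, signed_at)
    return Verdict(False, "unexpected status combination")


# Constructed sample runs (placeholder ids; 1514764800 is 2018-01-01T00:00:00Z).
PLACEHOLDER_FPR = "0123456789ABCDEF0123456789ABCDEF01234567"
SAMPLE_GOOD = [
    "gpg: Signature made Mon Jan  1 00:00:00 2018 UTC",
    "[GNUPG:] GOODSIG 0123456789ABCDEF Example Dev <dev@example.org>",
    f"[GNUPG:] VALIDSIG {PLACEHOLDER_FPR} 2018-01-01 1514764800 0 4 0 1 10 00 {PLACEHOLDER_FPR}",
]
SAMPLE_REVOKED = [
    "[GNUPG:] REVKEYSIG 0123456789ABCDEF Example Dev <dev@example.org>",
    f"[GNUPG:] VALIDSIG {PLACEHOLDER_FPR} 2018-01-01 1514764800 0 4 0 1 10 00 {PLACEHOLDER_FPR}",
]
SAMPLE_MISSING = [
    "[GNUPG:] ERRSIG FEDCBA9876543210 1 10 00 1514764800 9",
    "[GNUPG:] NO_PUBKEY FEDCBA9876543210",
]

if __name__ == "__main__":
    for name, run in (("good", SAMPLE_GOOD), ("revoked", SAMPLE_REVOKED), ("missing", SAMPLE_MISSING)):
        print(name, evaluate(run))
    # Same revoked run, but policy knows the revocation came later (2020-09-13):
    print("revoked, signed earlier", evaluate(SAMPLE_REVOKED, revoked_at=1600000000, allow_pre_revocation=True))
```

The `revoked_at` input is the weak spot the message itself points at: if a key is revoked with a certificate that was generated "just in case" years earlier, the certificate's own timestamp says nothing about when the key stopped being trustworthy, so a policy that compares signature time against the revocation certificate's creation time would accept almost nothing while one that uses the time the revocation was published must obtain that time from somewhere other than the key itself.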