| 1 |
> > Do you want to reject signed commits if |
| 2 |
> > - keys are not publicly available [1] |
| 3 |
> |
| 4 |
> We'll need to define what does 'public availability' exactly mean? Does |
| 5 |
> that mean a specific keyserver? |
| 6 |
|
| 7 |
Good point. Although most keyservers synchronize each other, it might make sense to define an additional location such as e.g. a keyring for download on www.gentoo.org. |
| 8 |
|
| 9 |
> > - keys are revoked [3] |
| 10 |
> |
| 11 |
> How about manifests signed before the key was revoked? |
| 12 |
|
| 13 |
And about keys being revoked by a revocation certificate that was generated long time ago "just in case" (as even our docs recommend)... Yes I know this is a mess. |
| 14 |
|
| 15 |
|
| 16 |
-- |
| 17 |
Andreas K. Huettel |
| 18 |
Gentoo Linux developer - kde, sci, arm, tex |
| 19 |
dilfridge@g.o |
| 20 |
http://www.akhuettel.de/ |
Archives