| 1 |
On Thu, Sep 29, 2011 at 01:26:25PM -0400, Mike Frysinger wrote: |
| 2 |
> On Thursday, September 29, 2011 12:48:35 Mr. Aaron W. Swenson wrote: |
| 3 |
> Well, there's a bit more to it than that. 'repoman' must enforce the |
| 4 |
> usage of keys or die if it can't. |
| 5 |
> |
| 6 |
> there's already bugs open for this. 298605 and 313601. if you want to |
| 7 |
> accelerate things, then chip in and update repoman. |
| 8 |
> |
| 9 |
> > Also, the Dev Handbook only says 'can', it needs to be changed to |
| 10 |
> > 'must'. |
| 11 |
> |
| 12 |
> that is the summary of the article which describes what the page is for, |
| 13 |
> not the policy it enforces. |
| 14 |
> |
| 15 |
|
| 16 |
I guess I'm getting ahead of myself. We keep referencing that page saying |
| 17 |
"here's how you should do it", but then we shoot ourselves in the foot |
| 18 |
saying that it isn't policy in the next breath. |
| 19 |
|
| 20 |
> > I'd also drop the bit about expiration. Instead, I'd change it to read |
| 21 |
> > "expires no sooner than 6 months". You know, to give the key a moment |
| 22 |
> > to be recognized by some people, perhaps even marginally trusted by |
| 23 |
> > someone. |
| 24 |
> |
| 25 |
> i'm fine with extending the length of the key. i think last time this |
| 26 |
> came up, so was everyone else. the point was more disallowing keys that |
| 27 |
> never expire. |
| 28 |
|
| 29 |
I agree with that. The key should have an expiration. (I said something |
| 30 |
different to Mr. Vroon not too long ago.) We don't want a trusted key |
| 31 |
sticking around forever after a dev leaves us. It should be long enough to |
| 32 |
not be an inconvenience. Five years is the general recommendation. I'd say |
| 33 |
the average Gentoo Dev lifespan. (Do we even have stats on that?) |
| 34 |
|
| 35 |
> but this doesn't stop anyone from signing their manifests today. |
| 36 |
|
| 37 |
No, it certainly doesn't. |
| 38 |
|
| 39 |
> > What really matters is that it is an unexpired, valid key. |
| 40 |
> |
| 41 |
> no, what matters is that the key is unexpired/valid at the time the |
| 42 |
> signature was made, and not revoked after that (simply because it |
| 43 |
> expired ... revoking because of compromise is obviously OK). |
| 44 |
|
| 45 |
That's what I meant. |
| 46 |
|
| 47 |
-- |
| 48 |
Mr. Aaron W. Swenson |
| 49 |
Pseudonym: TitanOfOld |
| 50 |
Gentoo Developer |
Archives