Martin Schulze <[EMAIL PROTECTED]> writes:
> | - key management,
>
> - are able to review the key management part and
> - design and discuss this with the release team
> - (re-)design and discuss package updates and security updates
> - take into account that the archive key is rotated ye
* Martin Schulze:
> Even though this will probably work well on a small scale, it won't on
> a large scale. Just think about the installations of 500 or 1000
> Debian machines that also have security support. This is not
> hypothetical. These installations do exist. You don't want to
> install
Florian Weimer wrote:
> * Henrique de Moraes Holschuh:
> > You still need to deal with key revocation and a new key being needed,
> > anyway. Yearly changes will not make it more difficult, it will make sure
> > those codepaths are tested (and used at least once an year).
> I can understand that
martin f krafft wrote:
> also sprach Martin Schulze <[EMAIL PROTECTED]> [2005.02.14.1851 +0100]:
> > We need help by competent developers who work on apt 0.6 with the goal
> > to get it supported properly and eventually enter sid and sarge.
>
> Thank you, Joey!
>
> For the record, I am too strung
Quoting Martin Schulze ([EMAIL PROTECTED]):
> Moin,
>
> We need help by competent developers who work on apt 0.6 with the goal
> to get it supported properly and eventually enter sid and sarge.
>
> There is a good chance the release will happen before the issues with
> apt 0.6 are resolved, so th
* Henrique de Moraes Holschuh:
> You still need to deal with key revocation and a new key being needed,
> anyway. Yearly changes will not make it more difficult, it will make sure
> those codepaths are tested (and used at least once an year).
Right now, it's not codepaths, but system administrat
On Mon, Feb 14, 2005 at 08:04:51PM +0100, Peter Palfrader wrote:
> A similar 2 key system is probably a good idea for security, and maybe
> also for the normal rotated keys (just ship 2005 and 2006 keys now).
i think having two keys would make logistics a lot simpler for release
upgrades, assuming
also sprach Henrique de Moraes Holschuh <[EMAIL PROTECTED]> [2005.02.14.1933
+0100]:
> You still need to deal with key revocation and a new key being
> needed, anyway. Yearly changes will not make it more difficult,
> it will make sure those codepaths are tested (and used at least
> once an year)
On Mon, 14 Feb 2005, Henrique de Moraes Holschuh wrote:
> > Why? What argument is there against a per-release key, including
> > keys for security, testing, unstable, and experimental? It would
> > certainly make things a little easier...
>
> You still need to deal with key revocation and a new k
On Mon, 14 Feb 2005, martin f krafft wrote:
> also sprach Martin Schulze <[EMAIL PROTECTED]> [2005.02.14.1851 +0100]:
> > We need help by competent developers who work on apt 0.6 with the goal
> > to get it supported properly and eventually enter sid and sarge.
>
> Thank you, Joey!
>
> For the re
also sprach Martin Schulze <[EMAIL PROTECTED]> [2005.02.14.1851 +0100]:
> We need help by competent developers who work on apt 0.6 with the goal
> to get it supported properly and eventually enter sid and sarge.
Thank you, Joey!
For the record, I am too strung up right now to be any use in
coordi
11 matches
Mail list logo
