On Thu, Mar 28, 2002 at 02:13:24AM +0100, Florian Weimer wrote:
> Henrique de Moraes Holschuh <hmh@debian.org> writes:

> > We do not revoke keys because they are not invalid. We do not revoke the
> > signatures on UIDs mentioning @debian.org, because that would cause a lot of
> > trouble for the person to come back to the Debian project, I think. One
> > cannot revoke a revocation certificate, AFAIK...

> Yes, you can. Just sign the key again. Recent GnuPG versions will
> handle this correctly.

AFAIK, "revocation certificate" should always be used to refer to the
revocation of a key, not of a signature. If a signature on a key is
revoked, it is possible to sign the key again later; but if a key is
revoked, I don't know of any software that will let you un-revoke the key
(and this is how it should be).

> > Someone is trusted by the project if, and only if, he has a non-revoked key
> > in the Debian keyring. Removing a key from the Debian keyring effectively
> > removes all privileges that key has as far as Debian is concerned.

> I don't think it's a good idea to express trust by membership in the
> Debian keyring. Why can't we use bare OpenPGP for that?

PGP gives you authentication only. "Do we want this person to upload
packages to the archive?" is an /authorization/ question, not an
authentication one. The way the system recognizes authorized users is
through the presence of their key in the ring.

Steve Langasek
postmodern programmer
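The "authorization by keyring membership" rule described above, as an added example that is not part of the thread or of any Debian tooling: it parses the machine-readable `gpg --with-colons --list-keys` record format and answers whether a signing key (primary or subkey) belongs to a non-revoked keyring entry. The keyring output and fingerprints in SAMPLE are constructed.

```python
# Added example, not from the thread: "authorized" means the signing key is a
# non-revoked member of the keyring; input is `gpg --with-colons --list-keys`.
BAD_VALIDITY = {"r", "e", "d", "i"}  # field 2: revoked, expired, disabled, invalid

def parse_keyring(colon_output: str) -> dict:
    """Map primary fingerprint -> {"validity", "subkeys": {sub fpr: validity}}.
    The first fpr record after pub is the primary key's; one after sub is that subkey's."""
    keys, current, sub_validity = {}, None, None
    for line in colon_output.splitlines():
        f = line.split(":")
        if f[0] == "pub":
            current = {"validity": f[1], "subkeys": {}, "fpr": ""}
            sub_validity = None
        elif current is None:
            continue
        elif f[0] == "sub":
            sub_validity = f[1]
        elif f[0] == "fpr" and sub_validity is not None:
            current["subkeys"][f[9]] = sub_validity
            sub_validity = None
        elif f[0] == "fpr" and not current["fpr"]:
            current["fpr"] = f[9]
            keys[f[9]] = current
    return keys

def is_authorized(keys: dict, signing_fpr: str) -> bool:
    """True iff signing_fpr is the primary key or a live subkey of a keyring entry
    that is not revoked/expired/disabled. Signature verification is a prior step."""
    for primary, key in keys.items():
        if key["validity"] in BAD_VALIDITY:
            continue  # revoked primary key: the whole entry loses its privileges
        if signing_fpr == primary:
            return True
        sub_validity = key["subkeys"].get(signing_fpr)
        if sub_validity is not None and sub_validity not in BAD_VALIDITY:
            return True
    return False

# Constructed sample (made-up fingerprints): Alice is valid with a signing
# subkey; Bob's primary key is revoked, so his subkey does not help either.
SAMPLE = """\
pub:u:4096:1:0123456789ABCDEF:1600000000:::u:::scESC::::::23::0:
fpr:::::::::AAAA1111BBBB2222CCCC3333DDDD4444EEEE5555:
sub:u:4096:1:FEDCBA9876543210:1600000000::::::s::::::23:
fpr:::::::::5555EEEE4444DDDD3333CCCC2222BBBB1111AAAA:
pub:r:4096:1:1111222233334444:1500000000:::-:::scESC::::::23::0:
fpr:::::::::0000111122223333444455556666777788889999:
sub:r:4096:1:0011223344556677:1500000000::::::s::::::23:
fpr:::::::::9999888877776666555544443333222211110000:
"""
```

Records the parser does not act on (`tru`, `uid`, `sig`) fall through, so real `gpg` output can be fed in unchanged.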