Re: Debian and GPG/PGP key handling
On Tue, Jun 12, 2001 at 10:10:18AM +0200, Samuel Tardieu wrote:
>On 12/06, Brendan O'Dea wrote:
>| Note however that changes submitted via the keyserver are periodically
>| incorporated into the keyrings used for db.debian.org manually, so
>| changes may not be immediately visible there.
>I agree with all you said, but unfortunately it didn't answer my original
>question: how can I have the changes incorporated into the master keyring
>(the one used to check packages) immediately? This is really important for
>a revocation certificate, as new packages must not be accepted. At least,
>keys should be synchronized right before the start of dinstall.
Immediately? You can't. Manual intervention is required to add/remove
keys and to incorporate changes from the server.
In the case of a compromised key, you should send a copy of the
revocation certificate to keyring-maint.
Brendan O'Dea email@example.com
Compusol Pty. Limited (NSW, Australia) +61 2 9810 3633