Re: APT public key updates?
* Florian Weimer (fw@deneb.enyo.de) [060106 11:56]:
> * Bernd Eckenfels:
>
> >> IOW using the old key to sign the new key only requires that the old
> >> key be "good" at one point during the new year, whereas continuing to
> >> use the old key requires that it be "good" all year.
> >
> > Yes, but it breaks a long term usage like web of trust.
>
> The Debian archive key does not take part in the web of trust.
> Anybody who has passed the OpenPGP NM checks should not sign that key.
I disagree. There are people who have first-hand knowledge that this key
is used for the usage written in the key id, i.e. sign the debian
archive. These people can IMHO sign the key.
Cheers,
Andi
--
http://home.arcor.de/andreas-barth/
Reply to: