Re: Hurd-i386 and kfreebsd-{i386,amd64} removal

To: Philipp Kern <pkern@debian.org>
Cc: debian-hurd@lists.debian.org, debian-bsd@lists.debian.org, debian-devel@lists.debian.org, ftpmaster@ports-master.debian.org
Subject: Re: Hurd-i386 and kfreebsd-{i386,amd64} removal
From: Aurelien Jarno <aurelien@aurel32.net>
Date: Sat, 13 Apr 2019 13:23:53 +0200
Message-id: <[🔎] 20190413112353.GA7970@aurel32.net>
Mail-followup-to: Philipp Kern <pkern@debian.org>, debian-hurd@lists.debian.org, debian-bsd@lists.debian.org, debian-devel@lists.debian.org, ftpmaster@ports-master.debian.org
In-reply-to: <[🔎] 8758c4b3-7ebe-5e8b-1875-884b7f7d66f6@philkern.de>
References: <[🔎] 87zhovdk5x.fsf@ganneff.de> <[🔎] 20190412210157.xsb2c4ihalpcttva@function> <[🔎] 20190413104907.GA31044@aurel32.net> <[🔎] 8758c4b3-7ebe-5e8b-1875-884b7f7d66f6@philkern.de>

On 2019-04-13 13:07, Philipp Kern wrote:
> On 4/13/2019 12:49 PM, Aurelien Jarno wrote:
> > The process to inject all packages to debian-ports is to get all the
> > deb, udeb and buildinfo files from the archives (main and debug) and
> > associate them with the .changes files that are hosted on coccia. We'll
> > also need to fetch all the associated GPG keys used to sign the changes
> > files. Then we can inject that in the debian-ports archive.
> I'm curious how the GPG bit works given that there is no guarantee that
> the signature can be validated at any other point in time than ingestion
> on ftp-master - especially considering the rotation/expiry of subkeys
> and buildd keys.

All the old buildd keys can be fetch from fasolo and can be used to
validate the signatures.

> In this case the files already come from a trusted
> source and should be ingested as-is, I guess? (Not that I particularly
> like the fact that it's only a point in time validation.)

Yes in that case, it's possible to resign the changes files, or let the
buildds to rebuild the corresponding packages.

-- 
Aurelien Jarno                          GPG: 4096R/1DDD8C9B
aurelien@aurel32.net                 http://www.aurel32.net

Reply to:

References:
- Hurd-i386 and kfreebsd-{i386,amd64} removal
  - From: Joerg Jaspert <joerg@debian.org>
- Re: Hurd-i386 and kfreebsd-{i386,amd64} removal
  - From: Samuel Thibault <sthibault@debian.org>
- Re: Hurd-i386 and kfreebsd-{i386,amd64} removal
  - From: Aurelien Jarno <aurelien@aurel32.net>
- Re: Hurd-i386 and kfreebsd-{i386,amd64} removal
  - From: Philipp Kern <pkern@debian.org>

Prev by Date: Re: Hurd-i386 and kfreebsd-{i386,amd64} removal
Next by Date: Re: Hurd-i386 and kfreebsd-{i386,amd64} removal
Previous by thread: Re: Hurd-i386 and kfreebsd-{i386,amd64} removal
Next by thread: Re: Hurd-i386 and kfreebsd-{i386,amd64} removal
Index(es):
- Date
- Thread