TLS key for api.ftp-master.debian.org
Thanks for helping with this. When I spoke to ftpmaster et al about
this before, we had a conversation about TLS public keys and
certificates.
I would like the DAK API TLS security to be rooted in a
Debian-controlled public key distributed in a package in Debian,
rather than using a public CA.
What I suggested is here:
https://lists.debian.org/debian-dak/2013/11/msg00000.html
(in `Part II').
I provided rationale for this approach, rather than using a
conventional https public CA, here:
https://lists.debian.org/debian-dak/2013/11/msg00002.html
https://lists.debian.org/debian-dak/2013/11/msg00007.html
(Noodles pointed out a little laterthat I should have meant
the debian-archive-keyring package, not the debian-keyring one.
Mark Hymers agreed with me here:
https://lists.debian.org/debian-dak/2013/11/msg00011.html
I provided some scripts for key and cert generation, here:
https://lists.debian.org/debian-dak/2013/11/msg00010.html
Thanks,
Ian.
Reply to: