Re: Debian derivatives census: repository OpenPGP key distribution?
On 5/10/19 1:31 AM, Paul Wise wrote:
> On Fri, May 10, 2019 at 4:20 AM Sébastien Duthil wrote:
>
>> In case of a key being compromised, then I guess a manual intervention
>> would be required to revoke the compromised key and to replace it. I
>> would love to read a better answer though.
>
> One option is to pre-generate the next key, include it in your keyring
> package then remove the old key if it gets compromised. You can also
> do this replacement on a regular basis, such as once per release. I
> think this is how Debian's keys work.
>
Seems a good idea to me :) Thank you Paul!
--
Sébastien Duthil
Reply to: