Re: Debian derivatives census: repository OpenPGP key distribution?

To: debian-derivatives@lists.debian.org
Subject: Re: Debian derivatives census: repository OpenPGP key distribution?
From: "sduthil@wazo.io" <sduthil@wazo.io>
Date: Fri, 17 May 2019 13:57:35 -0400
Message-id: <[🔎] 7276cdad-04bd-eb18-8bcd-9d138f2be922@wazo.io>
In-reply-to: <[🔎] CAKTje6Ebgkuyy3_jsyCvLCv7k0UcW49Nzhu=zO-8wSELLy_nDA@mail.gmail.com>
References: <[🔎] 100ecdf84ae9777ef7d5df41a969d7fb3273b963.camel@debian.org> <[🔎] 1c59f103-f386-bc88-aafa-9f38b54e2ffe@wazo.community> <[🔎] CAKTje6Ebgkuyy3_jsyCvLCv7k0UcW49Nzhu=zO-8wSELLy_nDA@mail.gmail.com>

On 5/10/19 1:31 AM, Paul Wise wrote:
> On Fri, May 10, 2019 at 4:20 AM Sébastien Duthil wrote:
> 
>> In case of a key being compromised, then I guess a manual intervention
>> would be required to revoke the compromised key and to replace it. I
>> would love to read a better answer though.
> 
> One option is to pre-generate the next key, include it in your keyring
> package then remove the old key if it gets compromised. You can also
> do this replacement on a regular basis, such as once per release. I
> think this is how Debian's keys work.
> 

Seems a good idea to me :) Thank you Paul!

-- 
Sébastien Duthil

Reply to:

References:
- Debian derivatives census: repository OpenPGP key distribution?
  - From: Paul Wise <pabs@debian.org>
- Re: Debian derivatives census: repository OpenPGP key distribution?
  - From: Sébastien Duthil <sduthil@wazo.community>
- Re: Debian derivatives census: repository OpenPGP key distribution?
  - From: Paul Wise <pabs@debian.org>

Prev by Date: USB drives printed with your logo
Next by Date: Re: Debian derivatives census: repository OpenPGP key distribution?
Previous by thread: Re: Debian derivatives census: repository OpenPGP key distribution?
Next by thread: Re: Debian derivatives census: repository OpenPGP key distribution?
Index(es):
- Date
- Thread