[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Debian and GPG/PGP key handling

On Tue, Jun 12, 2001 at 10:10:18AM +0200, Samuel Tardieu wrote:
>On 12/06, Brendan O'Dea wrote:
>
>| Note however that changes submitted via the keyserver are periodically
>| incorporated into the keyrings used for db.debian.org manually, so
>| changes may not be immediately visible there.
>
>I agree with all you said, but unfortunately it didn't answer my original
>question: how can I have the changes incorporated into the master keyring
>(the one used to check packages) immediately? This is really important for
>a revocation certificate, as new packages must not be accepted. At least,
>keys should be synchronized right before the start of dinstall.

Immediately?  You can't.  Manual intervention is required to add/remove
keys and to incorporate changes from the server.

In the case of a compromised key, you should send a copy of the
revocation certificate to keyring-maint.

Regards,
-- 
Brendan O'Dea                                        bod@compusol.com.au
Compusol Pty. Limited                  (NSW, Australia)  +61 2 9810 3633
Reply to: