[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: debsigs

On Thu, Mar 28, 2002 at 02:13:24AM +0100, Florian Weimer wrote:
> Henrique de Moraes Holschuh <hmh@debian.org> writes:

> > We do not revoke keys because they are not invalid. We do not revoke the
> > signatures on UIDs mentioning @debian.org, because that would cause a lot of
> > trouble for the person to come back to the Debian project, I think. One
> > cannot revoke a revocation certificate, AFAIK...

> Yes, you can.  Just sign the key again.  Recent GnuPG versions will
> handle this correctly.

AFAIK, "revocation certificate" should always be used to refer to the 
revocation of a key, not of a signature.  If a signature on a key is 
revoked, it is possible to sign the key again later; but if a key is 
revoked, I don't know of any software that will let you un-revoke the 
key (and this is how it should be).

> > Someone is trusted by the project if, and only if, he has a non-revoked key
> > in the Debian keyring. Removing a key from the Debian keyring effectively
> > removes all privileges that key has as far as Debian is concerned.

> I don't think it's a good idea to express trust by membership in the
> Debian keyring.  Why can't we use bare OpenPGP for that?

PGP gives you authentication only.  "Do we want this person to upload 
packages to the archive?" is an /authorization/ question, not an 
authentication one.  The way the system recognizes authorized users is 
through the presence of their key in the ring.

Steve Langasek
postmodern programmer

Attachment: pgpraoMOQzUck.pgp
Description: PGP signature

Reply to: