Re: Bits (Nybbles?) from the Vancouver release team meeting

To: Wouter Verhelst <wouter@grep.be>
Cc: Sven Luther <sven.luther@wanadoo.fr>, debian-devel@lists.debian.org
Subject: Re: Bits (Nybbles?) from the Vancouver release team meeting
From: Sven Luther <sven.luther@wanadoo.fr>
Date: Tue, 15 Mar 2005 00:58:42 +0100
Message-id: <[🔎] 20050314235842.GE26922@pegasos>
In-reply-to: <[🔎] 20050314234514.GA11210@grep.be>
References: <[🔎] Pine.LNX.4.62.0503140721080.4772@wr-linux02> <[🔎] 20050314073645.GA18997@quetzlcoatl.dodds.net> <[🔎] 20050314094629.GB6974@pegasos> <[🔎] 87is3u7cyn.fsf@becket.becket.net> <[🔎] 20050314101155.GI6974@pegasos> <[🔎] 87ekeii0na.fsf@informatik.uni-tuebingen.de> <[🔎] 20050314181549.GD17820@pegasos> <[🔎] 1110827223.8686.86.camel@country.grep.be> <[🔎] 20050314212000.GA22849@pegasos> <[🔎] 20050314234514.GA11210@grep.be>

On Tue, Mar 15, 2005 at 12:45:14AM +0100, Wouter Verhelst wrote:
> On Mon, Mar 14, 2005 at 10:20:00PM +0100, Sven Luther wrote:
> > But you would notice all this just the same if the signing where automated,
> > don't you ?
> 
> Possibly; however, it wouldn't buy us much (signing successful build
> logs currently takes me 10 seconds for the first log, and less than a
> second for the next ones thanks to mutt's gpg passphrase caching and a

unless you are on vacation, sick or whatver, in which case the buildd for the
arch in question is paralized for days if not weeks. This happened already,
altough not with the m68k buildds i think.

> some scripting) while it would cost us much: auto-signing stuff is
> dangerous, as it requires connecting a machine with a key without
> passphrase, or that at least has the key unprotected in memory, to the
> Internet. There's a major difference, security-wise, and no noticeable
> difference in handling of the logs -- most of us actually sit close to
> their mailbox most of the day, and only when we sleep do successful logs
> have to wait a bit.

Yep, it usually works well, but we had cases where packages waited longer, and
this is what concerns me.

Friendly,

Sven Luther

Reply to:

References:
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Andreas Tille <tillea@rki.de>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Steve Langasek <vorlon@debian.org>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Sven Luther <sven.luther@wanadoo.fr>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Thomas Bushnell BSG <tb@becket.net>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Sven Luther <sven.luther@wanadoo.fr>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Goswin von Brederlow <brederlo@informatik.uni-tuebingen.de>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Sven Luther <sven.luther@wanadoo.fr>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Wouter Verhelst <wouter@grep.be>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Sven Luther <sven.luther@wanadoo.fr>
- Re: Bits (Nybbles?) from the Vancouver release team meeting
  - From: Wouter Verhelst <wouter@grep.be>

Prev by Date: Re: Bits (Nybbles?) from the Vancouver release team meeting
Next by Date: Re: Sarge release (Re: Bits (Nybbles?) from the Vancouver release team meeting)
Previous by thread: Re: Bits (Nybbles?) from the Vancouver release team meeting
Next by thread: Re: Bits (Nybbles?) from the Vancouver release team meeting
Index(es):
- Date
- Thread