On Fri, Jan 06, 2006 at 08:21:14AM -0500, Joey Hess wrote:
> BTW, has anyone thought about what will happen when we have a stable
> release that has the 200n key in it and 200n+1 rolls around[1]?
On January 1 (or whenever a new key is issued) do a security update
for stable on the package that has the keyring.
> [1] As is, for example, supposed to happen a month or so after etch is
> released.
In this case we (well, not me...) can issue a new key that is valid
from november 2006 (a month before etch is released) till october
2007. Use that key to sign the packages. Then the first year there
will be no problems, unless the key is compromised.
--
Maurits van Rees | http://maurits.vanrees.org/ [NL]
Work | http://zestsoftware.nl/
GnuPG key | http://maurits.vanrees.org/var/gpgkey.asc
"Do only what only you can do." --- Edsger Wybe Dijkstra
Attachment:
signature.asc
Description: Digital signature