Re: APT public key updates?
Joey Hess wrote:
> BTW, has anyone thought about what will happen when we have a stable
> release that has the 200n key in it and 200n+1 rolls around? Will stable
> even be installable anymore? How will the updated key be pushed out to
> stable quickly enough? Will we have to rebuild CDs and obsolete all the
> old ones then too? Is the current scheme of having overlapping
> signatures for 1 month long enough, given that stable users might well
> only update their machines quarterly or so?
Given that stable is stable, wouldn't it be possible to sign each stable
release with a special key kept offline without causing too much trouble?
That doesn't solve security updates though, so the key for that would
need to be updated as necessary.
Alternatively, a two link process with a role key kept offline signing
the archive key might be OK as well, but that leaves the question how
not to have that key compromised.
Thomas Viehmann, http://thomas.viehmann.net/