Re: bits from the release team
* Lionel Elie Mamane:
> Why can't we have a master key that signs the yearly keys? After all,
> we have a long-term unique X.509 master key, so what's the difference
> with OpenPGP?
End users are typically not exposed to the X.509 keys, which makes
things a lot easier.
By the way, if you've got a master key, you need to plan for key
rollover, too. Why not apply that procedure directly to the keys used
to sign the release files? A yearly key change just results in
unnecessary administrative overhead for our users, without providing
any real benefit to them. A key compromise still needs manual
intervention.
At the very least, if we have to keep that yearly key change for
political reasons, please schedule it in a way that it doesn't happen
in January.