future keys

To: debian-devel@lists.debian.org
Subject: future keys
From: Adam Borowski <kilobyte@angband.pl>
Date: Mon, 19 Mar 2007 10:49:47 +0100
Message-id: <[🔎] 20070319094947.GA13746@angband.pl>

Whee?!

While testing Etch upgrades on some old boxes, I noticed that key management
issues get worse and worse, especially if some time happens between upgrades.
Even when ignoring all users of "testing", upgrades between stable releases
kind of _have_ to work well.  So, here's my idea:

Could you please generate the Lenny and perhaps even Alien keys, both
testing and stable, and stick them into debian-archive-keyring before Etch
is released?  The private keys could be, let's say, buried under a tree
in the Secretary's garden. [1]

While keeping a key that is in use safe can be a tricky issue, having a
future key stored away is something easy to do in a secure manner.  And,
when the need arises, the public keys are already distributed.

[1]. Most of less melodramatic solutions would work at least as good.
-- 
1KB		// Microsoft corollary to Hanlon's razor:
		//	Never attribute to stupidity what can be
		//	adequately explained by malice.

Reply to:

Follow-Ups:
- Re: future keys
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>

Prev by Date: DM vs DD and security
Next by Date: Re: Problems packaging a kernel using cdbs
Previous by thread: Re: DM vs DD and security
Next by thread: Re: future keys
Index(es):
- Date
- Thread