Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository

To: debian-devel@lists.debian.org
Subject: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
From: Patrick Schoenfeld <schoenfeld@in-medias-res.com>
Date: Sun, 22 Jun 2008 23:06:38 +0200
Message-id: <[🔎] 20080622210638.GC4944@in-medias-res.com>
In-reply-to: <[🔎] 1214168083.3907.33.camel@dwarf.codehelp>
References: <[🔎] 20080621122748.GA20837@thorin> <[🔎] 20080621135212.GA27751@apu.snow-crash.org> <[🔎] 200806211935.05366.holger@layer-acht.org> <[🔎] 20080621173807.GB1591@connexer.com> <[🔎] 20080622161424.GA3293@in-medias-res.com> <[🔎] 485E951E.8070801@zombino.com> <[🔎] 87y74xw99x.fsf@frosties.localdomain> <[🔎] 20080622203912.GB4944@in-medias-res.com> <[🔎] 1214168083.3907.33.camel@dwarf.codehelp>

Hi Neil,

On Sun, Jun 22, 2008 at 09:54:43PM +0100, Neil Williams wrote:
> > Do you mean from a central repository, somewhat like a keyserver? :-)
> > How would one check integrity then?
> 
> Precisely as you do with any key - signatures and gpg integrity checks
> when the key is imported into apt-key.

well I understood the proposal to do it automatically so it wouldn't
happen like I handle it currently. Now I have the possibility to
explicit allow and deny certain keys in my setup. I can do this by
checking mostly objective standpoints but also because I don't like the
nose of the one providing the repository, so to say.

Thats an important point, because technical aspects cannot decide
weither you trust someone or not (except for the trust level on the key)
So the key would needed to be signed by someone who *I* actually trust.

Regards,
Patrick

Reply to:

Follow-Ups:
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Goswin von Brederlow <goswin-v-b@web.de>

References:
- ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Robert Millan <rmh@aybabtu.com>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Alexander Wirt <formorer@debian.org>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Holger Levsen <holger@layer-acht.org>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Roberto C. Sánchez <roberto@connexer.com>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Patrick Schoenfeld <schoenfeld@in-medias-res.com>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Adam Majer <adamm@zombino.com>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Goswin von Brederlow <goswin-v-b@web.de>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Patrick Schoenfeld <schoenfeld@in-medias-res.com>
- Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
  - From: Neil Williams <codehelp@debian.org>

Prev by Date: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Next by Date: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Previous by thread: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Next by thread: Re: ITP: debian-backports-keyring -- GnuPG archive key of the backports.org repository
Index(es):
- Date
- Thread