[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bits from keyring-maint



On Wed, 15 Sep 2010 12:41:49 -0300 Henrique de Moraes Holschuh
<hmh@debian.org> wrote:
> On Wed, 15 Sep 2010, Felipe Sateler wrote:
> > On 14/09/10 01:18, Gunnar Wolf wrote:
> > > - Your new key should be signed by two or more other Debian
> > > Developers
> > 
> > The NM and DM processes require only one signature. Why is it
> > harder to replace a key than to become a DD?
> 
> Or rather, why the requirements for the first key any weaker than
> those for DD key replacement?

Or rather, what is the specific threat that the policy is designed to
address? Does it succeed?

Perry
-- 
Perry E. Metzger		perry@piermont.com


Reply to: