Re: Developer repositories for Debian
On Fri, May 10, 2013 at 4:33 AM, Russ Allbery wrote:
> That level of security isn't great, though. GPG keys are much more secure
> than that password. What we would want for equivalent security in a web
> interface is personal X.509 certificates.
> I think it would be interesting to have that infrastructure in place, but
> someone would need to build it (probably with some mechanism to bootstrap
> GPG keys into X.509 certificates -- and be careful of expiration times and
> figure out a good way to deal with revocation).
That mechanism already exists (and supports SSH too):
The monkeysphere developers are Debian folks and have discussed
monkeysphere with DSA at various DebConfs.