Re: Developer repositories for Debian
On Fri, May 10, 2013 at 4:33 AM, Russ Allbery wrote:
> That level of security isn't great, though. GPG keys are much more secure
> than that password. What we would want for equivalent security in a web
> interface is personal X.509 certificates.
>
> I think it would be interesting to have that infrastructure in place, but
> someone would need to build it (probably with some mechanism to bootstrap
> GPG keys into X.509 certificates -- and be careful of expiration times and
> figure out a good way to deal with revocation).
That mechanism already exists (and supports SSH too):
http://web.monkeysphere.info/
The monkeysphere developers are Debian folks and have discussed
monkeysphere with DSA at various DebConfs.
--
bye,
pabs
http://wiki.debian.org/PaulWise
Reply to: