[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Developer repositories for Debian

On Fri, May 10, 2013 at 4:33 AM, Russ Allbery wrote:

> That level of security isn't great, though.  GPG keys are much more secure
> than that password.  What we would want for equivalent security in a web
> interface is personal X.509 certificates.
>
> I think it would be interesting to have that infrastructure in place, but
> someone would need to build it (probably with some mechanism to bootstrap
> GPG keys into X.509 certificates -- and be careful of expiration times and
> figure out a good way to deal with revocation).

That mechanism already exists (and supports SSH too):

http://web.monkeysphere.info/

The monkeysphere developers are Debian folks and have discussed
monkeysphere with DSA at various DebConfs.

-- 
bye,
pabs

http://wiki.debian.org/PaulWise
Reply to: