Re: Security guidelines for Debian people

To: debian-project@lists.debian.org
Subject: Re: Security guidelines for Debian people
From: Tollef Fog Heen <tfheen@err.no>
Date: Sun, 06 Nov 2011 13:44:08 +0100
Message-id: <[🔎] 877h3dpgiv.fsf@qurzaw.varnish-software.com>
Mail-followup-to: debian-project@lists.debian.org
In-reply-to: <[🔎] 20111106104854.GA11350@havelock.liw.fi> (Lars Wirzenius's message of "Sun, 6 Nov 2011 10:48:54 +0000")
References: <20111030173346.GA14860@havelock.liw.fi> <[🔎] 20111103163851.GA7752@jwilk.net> <[🔎] 20111103174436.GA3844@khazad-dum.debian.net> <[🔎] 20111106104854.GA11350@havelock.liw.fi>

]] Lars Wirzenius 

| Assuming we're talking about each developer's personal key: what
| things would they be signing that matter? Package upload signatures
| are relevant only until the upload gets accepted into the archive, and
| after that it's the archive signing key that matters.

Source packages are signed with the developer's key.

-- 
Tollef Fog Heen
UNIX is user friendly, it's just picky about who its friends are

Reply to:

Follow-Ups:
- Re: Security guidelines for Debian people
  - From: Lars Wirzenius <liw@liw.fi>

References:
- Re: Security guidelines for Debian people
  - From: Jakub Wilk <jwilk@debian.org>
- Re: Security guidelines for Debian people
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Security guidelines for Debian people
  - From: Lars Wirzenius <liw@liw.fi>

Prev by Date: Re: Security guidelines for Debian people
Next by Date: Re: Security guidelines for Debian people
Previous by thread: Re: Security guidelines for Debian people
Next by thread: Re: Security guidelines for Debian people
Index(es):
- Date
- Thread