[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: State of the debian keyring

Gunnar Wolf writes ("Re: State of the debian keyring"):
> Our tools (and I don't only mean keyring-maint, but our projectwide
> tools) support only one key per person. And frankly, I do not see a
> case where adding a second one would increase security. Yes, it could
> make the transition a little bit easier, but I don't think it is a
> change we should push. (Or maybe I misunderstood your suggestion).

I think this is a bug.

It can increase security because it can make operations more
convenient at the same level of security, and because people trade off
convenience for security.

For example, it would be possible to have one key for email encryption
and a different (more secure) key for package uploads.


Reply to: