Re: State of the debian keyring

To: Gunnar Wolf <gwolf@gwolf.org>
Cc: Matthias Urlichs <smurf@smurf.noris.de>, Bart Martens <bartm@debian.org>, debian-project@lists.debian.org
Subject: Re: State of the debian keyring
From: Ian Jackson <ijackson@chiark.greenend.org.uk>
Date: Mon, 24 Feb 2014 17:57:57 +0000
Message-id: <21259.34853.289374.378737@chiark.greenend.org.uk>
In-reply-to: <20140223150449.GD32426@gwolf.org>
References: <20140123220729.GA25523@scru.org> <20140222224148.GA2130@scru.org> <20140222234641.GA31478@roeckx.be> <20140223003506.GE30391@gwolf.org> <lec9ll$hlh$1@posted-at.bofh.it> <20140223081228.GA1049@master.debian.org> <20140223092346.GA3116@smurf.noris.de> <20140223150449.GD32426@gwolf.org>

Gunnar Wolf writes ("Re: State of the debian keyring"):
> Our tools (and I don't only mean keyring-maint, but our projectwide
> tools) support only one key per person. And frankly, I do not see a
> case where adding a second one would increase security. Yes, it could
> make the transition a little bit easier, but I don't think it is a
> change we should push. (Or maybe I misunderstood your suggestion).

I think this is a bug.

It can increase security because it can make operations more
convenient at the same level of security, and because people trade off
convenience for security.

For example, it would be possible to have one key for email encryption
and a different (more secure) key for package uploads.

Ian.

Reply to:

Follow-Ups:
- Re: State of the debian keyring
  - From: Raphael Hertzog <hertzog@debian.org>
- Re: State of the debian keyring
  - From: Peter Palfrader <weasel@debian.org>
- Re: State of the debian keyring
  - From: Gunnar Wolf <gwolf@gwolf.org>

References:
- Re: State of the debian keyring
  - From: Clint Adams <clint@debian.org>
- Re: State of the debian keyring
  - From: Kurt Roeckx <kurt@roeckx.be>
- Re: State of the debian keyring
  - From: Gunnar Wolf <gwolf@gwolf.org>
- Re: State of the debian keyring
  - From: Marco d'Itri <md@Linux.IT>
- Re: State of the debian keyring
  - From: Bart Martens <bartm@debian.org>
- Re: State of the debian keyring
  - From: Matthias Urlichs <smurf@smurf.noris.de>
- Re: State of the debian keyring
  - From: Gunnar Wolf <gwolf@gwolf.org>

Prev by Date: Re: State of the debian keyring
Next by Date: Re: GR proposal: code of conduct
Previous by thread: Re: State of the debian keyring
Next by thread: Re: State of the debian keyring
Index(es):
- Date
- Thread