[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Secure APT Key Management

* Martin Schulze:

> I'd really love to see this feature properly implemented.

The only approach which is known to work is static keys for stable
releases and stable security updates.  The keys can be stored off-line
or on-line, at the discretion of the respective teams.

So far, we have botched all yearly key rollovers, and there is zero
evidence that we'll get the first one that reallly matters right.
Unfortunately, the key rollover approach is generally assumed to be
required to achieve a decent level of security and strongly preferred
over the alternatives.  Needless to say, I very strongly disagree with
that position.

(IIRC, -release is not a discussion list, so details such be discussed

>From a release engineering view, the last possible date at which APT
key material can be included in d-i would be interesting, I guess.

Reply to: