Maybe include 10 keys in the distribution? key1: valid from 2003 untill 2004 key2: valid from 2004 untill 2005 key3: valid from 2005 untill 2006 etc. The keys should be kept apart from eachother in a safe. Daniel On Thu, 2004-12-30 at 13:38 +0100, martin f krafft wrote: > Assume it's the end of 2007 and etch has been out for a while. Also > assume that etch uses APT 0.6, which features archive signatures. In > January 2008, the FTP masters publish a new key to the web, the > keyrings, and the debian-keyring package, and start signing the > archive with that key from now on. Are security updates now signed > with the 2008 key, or will there be separate key for the security > team? If the former, how do we get the 2008 key onto users' stable > systems from 2007? > > Thanks, > -- Daniel van Eeden <daniel_e@dds.nl>
Attachment:
smime.p7s
Description: S/MIME cryptographic signature