[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: updates to the apt keys?

Maybe include 10 keys in the distribution?
key1: valid from 2003 untill 2004
key2: valid from 2004 untill 2005
key3: valid from 2005 untill 2006

The keys should be kept apart from eachother in a safe.


On Thu, 2004-12-30 at 13:38 +0100, martin f krafft wrote:
> Assume it's the end of 2007 and etch has been out for a while. Also
> assume that etch uses APT 0.6, which features archive signatures. In
> January 2008, the FTP masters publish a new key to the web, the
> keyrings, and the debian-keyring package, and start signing the
> archive with that key from now on. Are security updates now signed
> with the 2008 key, or will there be separate key for the security
> team? If the former, how do we get the 2008 key onto users' stable
> systems from 2007?
> Thanks,
Daniel van Eeden <daniel_e@dds.nl>

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to: