[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian APT Key Revocation Procedure

What are your plans if you ever have reason to believe that the Debian
archive signing key has been compromised?

http://ftp-master.debian.org/keys.html says:

> Key Revocation Procedure

> A revokation certificate for the archive key is produced at the time
of the creation of an archive key. The program gfshare (package
libgfshare-bin) (a Shamir's secret sharing scheme implementation) is
then used to produce 12 shares of which 7 are needed to recover the
revokation cert. This procedure is for use in emergencies only (such as
losing ftp-master.debian.org and all of the backups, a hopefully
unlikely event) as the key can normally be used to produce its own
revokation certificate.

But what could you do with the revocation certificate?

Only manually spread the news and ask users to obtain the revocation

Or will the apt on Debian user's machines somehow learn about that
revocation certificate? If so, how does that procedure work? Where is it

Reply to: