Re: Debian APT Key Revocation Procedure

To: debian-security@lists.debian.org
Subject: Re: Debian APT Key Revocation Procedure
From: Henrique de Moraes Holschuh <hmh@debian.org>
Date: Sun, 3 Nov 2013 18:52:51 -0200
Message-id: <[🔎] 20131103205250.GA14079@khazad-dum.debian.net>
In-reply-to: <[🔎] 20131103195633.GA16635@varinia.lobefin.net>
References: <52725325.7030906@riseup.net> <[🔎] 20131101171006.GA1597@khazad-dum.debian.net> <[🔎] 20131103195633.GA16635@varinia.lobefin.net>

On Sun, 03 Nov 2013, Stephen Gran wrote:
> This one time, at band camp, Henrique de Moraes Holschuh said:
> > For a more precise answer, please ask the debian-admin ML.
> 
> Why?  DSA has nothing to do with this.

Hmm, come to think of it you're correct that they're not the best team to
ask about it.  On second thought, ftp-masters are probably the best team to
ask about this, along with the Debian release team.

Anyway, it looks like it would be best to have the emergency key revocation
and roll-over procedure written down and published to the public.  If it is
already out there, a pointer would be appreciated.

AFAIK, the *regular* key rollovers are handled by a normal update of the
debian-archive-keyring package (extended to stable and old-stable as well),
plus email notification to the debian-announce ML.

-- 
  "One disk to rule them all, One disk to find them. One disk to bring
  them all and in the darkness grind them. In the Land of Redmond
  where the shadows lie." -- The Silicon Valley Tarot
  Henrique Holschuh

Reply to:

References:
- Re: Debian APT Key Revocation Procedure
  - From: Henrique de Moraes Holschuh <hmh@debian.org>
- Re: Debian APT Key Revocation Procedure
  - From: Stephen Gran <sgran@debian.org>

Prev by Date: Re: Debian APT Key Revocation Procedure
Next by Date: Bug#728890: libccss is unused and dead upstream
Previous by thread: Re: Debian APT Key Revocation Procedure
Next by thread: Re: Debian APT Key Revocation Procedure
Index(es):
- Date
- Thread