Re: SSL for debian.org/security?

To: Henrik Ahlgren <pablo@seestieto.com>
Cc: Hans-Christoph Steiner <hans@at.or.at>, Pedro Worcel <pedro@worcel.com>, Andreas Kuckartz <a.kuckartz@ping.de>, Debian <debian-security@lists.debian.org>
Subject: Re: SSL for debian.org/security?
From: Jérémie Marguerie <jeremie@marguerie.org>
Date: Tue, 12 Nov 2013 12:14:27 -0800
Message-id: <[🔎] CAKS89GrOp2nNh2cjpzX-Pi-3S_qNMm8NGO81TKPENf4Wk-O3pA@mail.gmail.com>
In-reply-to: <[🔎] 20131112185858.GK27559@seestieto.com>
References: <CAAy1gkeUt_jr0uDt0B=HdnAZnmmHDqygrwgYg4dU7X9zjVUrSA@mail.gmail.com> <526F7FDF.7030601@tightwax.com> <CAM5XQnxCxogD4JMaqyS27zzsorFZ-G8Dsa_71sABGFQHChmrag@mail.gmail.com> <526F855D.1080507@gmail.com> <[🔎] CAF8px56hAkiE8_GiV=jr0AWiNdfhUF-x7-7oeCwe5VGGT1M_cA@mail.gmail.com> <[🔎] CAKS89GrBGt0Uyq0bSn6GnO-QQ5xz8f3kVDGGvc8QDUJbWOdvvg@mail.gmail.com> <[🔎] 52818C3A.6050000@at.or.at> <[🔎] 5281C93A.8040503@ping.de> <[🔎] CAPS+U984skUez8i1uP0v6ubKMnk4K4Ny8f4d2mwm+5gRRD-Gfw@mail.gmail.com> <[🔎] 5282704A.60107@at.or.at> <[🔎] 20131112185858.GK27559@seestieto.com>

On Tue, Nov 12, 2013 at 10:58 AM, Henrik Ahlgren <pablo@seestieto.com> wrote:
> But there is the significant downside that it is not possible to
> backup the key, so if the card gets destroyed in a fire or just fails
> and stops working, the key needs to be revoked, since only one
> physical copy of the private key exists. (Which also means that only
> one machine can sign with the key.)

Correct me if I'm wrong but if the key is destroyed, then you revoke
it with the signing third party that signed the key.

-- 
Jérémie MARGUERIE

Reply to:

References:
- Re: SSL for debian.org/security?
  - From: Mike Mestnik <cheako@mikemestnik.net>
- Re: SSL for debian.org/security?
  - From: Jérémie Marguerie <jeremie@marguerie.org>
- Re: SSL for debian.org/security?
  - From: Hans-Christoph Steiner <hans@at.or.at>
- Re: SSL for debian.org/security?
  - From: "Andreas Kuckartz" <a.kuckartz@ping.de>
- Re: SSL for debian.org/security?
  - From: Pedro Worcel <pedro@worcel.com>
- Re: SSL for debian.org/security?
  - From: Hans-Christoph Steiner <hans@at.or.at>
- Re: SSL for debian.org/security?
  - From: Henrik Ahlgren <pablo@seestieto.com>

Prev by Date: Re: SSL for debian.org/security?
Next by Date: pound: TLS compression is insecure (CRIME attack) and can't be disabled
Previous by thread: Re: SSL for debian.org/security?
Next by thread: How (un)safe would Debian be when only using the security.debian.org repository?
Index(es):
- Date
- Thread