Re: Archive GPG key expiring process

To: debian-security@lists.debian.org
Subject: Re: Archive GPG key expiring process
From: Patrick Schleizer <adrelanos@riseup.net>
Date: Sat, 18 Oct 2014 13:55:20 +0000
Message-id: <[🔎] 54427148.8070309@riseup.net>
In-reply-to: <[🔎] 1413636264.6447.67.camel@debian.org>
References: <[🔎] CAHkeM_ALR-swnSLvW+ZDh-B9RdtrECFELPbFP84TQ8T1u08gAQ@mail.gmail.com> <[🔎] 54414E7D.7040007@riseup.net> <[🔎] 1413636264.6447.67.camel@debian.org>

Yves-Alexis Perez:
> On ven., 2014-10-17 at 17:14 +0000, Patrick Schleizer wrote:
>> Debian has no good mechanism to revoke apt keys in case of compromise,
>> neither a way to inform users in emergency situations:
>> https://lists.debian.org/debian-security/2013/10/msg00065.html
> 
> The only information is that thread (which is true for this one too) is
> that you failed to contact the relevant people.

Answers in,
- https://lists.debian.org/debian-security/2013/11/msg00011.html
- https://lists.debian.org/debian-security/2013/11/msg00014.html
- https://ftp-master.debian.org/keys.html
are sufficient.

Otherwise, what are the relevant people, how to contact them?

Perhaps we have a different understanding of "good mechanism to revoke
apt keys in case of compromise, neither a way to inform users in
emergency situations"?

Cheers,
Patrick

Reply to:

Follow-Ups:
- Re: Archive GPG key expiring process
  - From: Yves-Alexis Perez <corsac@debian.org>

References:
- Archive GPG key expiring process
  - From: David Hubner <david.hubner@smoothwall.net>
- Re: Archive GPG key expiring process
  - From: Patrick Schleizer <adrelanos@riseup.net>
- Re: Archive GPG key expiring process
  - From: Yves-Alexis Perez <corsac@debian.org>

Prev by Date: Re: Archive GPG key expiring process
Next by Date: Re: Archive GPG key expiring process
Previous by thread: Re: Archive GPG key expiring process
Next by thread: Re: Archive GPG key expiring process
Index(es):
- Date
- Thread