Re: Archive GPG key expiring process
Yves-Alexis Perez:
> On ven., 2014-10-17 at 17:14 +0000, Patrick Schleizer wrote:
>> Debian has no good mechanism to revoke apt keys in case of compromise,
>> neither a way to inform users in emergency situations:
>> https://lists.debian.org/debian-security/2013/10/msg00065.html
>
> The only information is that thread (which is true for this one too) is
> that you failed to contact the relevant people.
Answers in,
- https://lists.debian.org/debian-security/2013/11/msg00011.html
- https://lists.debian.org/debian-security/2013/11/msg00014.html
- https://ftp-master.debian.org/keys.html
are sufficient.
Otherwise, what are the relevant people, how to contact them?
Perhaps we have a different understanding of "good mechanism to revoke
apt keys in case of compromise, neither a way to inform users in
emergency situations"?
Cheers,
Patrick
Reply to: