Re: many builds missing for krb5-appl & opensaml2 in stable-security
On Sun, Sep 25, 2011 at 01:35:46PM +0200, Kurt Roeckx wrote:
> I also don't understand why they get rejected once the key
> expired. The signatures are from before the key expired and
> perfectly valid.
I should probably clarify this. Of course you can't trust that
the signature wasn't made after the key expired.
But we really should have a process so that once it's accepted it
stays accepted, even when it moves to an other host.
Kurt
Reply to: