Re: many builds missing for krb5-appl & opensaml2 in stable-security

To: Kurt Roeckx <kurt@roeckx.be>
Cc: debian-wb-team@lists.debian.org, team@security.debian.org, ftp-master@debian.org
Subject: Re: many builds missing for krb5-appl & opensaml2 in stable-security
From: Thijs Kinkhorst <thijs@debian.org>
Date: Mon, 3 Oct 2011 19:48:47 +0200
Message-id: <[🔎] 201110031948.48525.thijs@debian.org>
In-reply-to: <20110925154846.GA5939@roeckx.be>
References: <6729795c4819fdabd6d9e35490a68b4f.squirrel@wm.kinkhorst.nl> <20110925113546.GA32371@roeckx.be> <20110925154846.GA5939@roeckx.be>

Hi Kurt,

Op zondag 25 september 2011 17:48:46 schreef Kurt Roeckx:
> On Sun, Sep 25, 2011 at 01:35:46PM +0200, Kurt Roeckx wrote:
> > I also don't understand why they get rejected once the key
> > expired.  The signatures are from before the key expired and
> > perfectly valid.
> 
> I should probably clarify this.  Of course you can't trust that
> the signature wasn't made after the key expired.

Why do these keys expire so quickly? Can't we have a really large window, say 
a year, in which the key stays valid after the date it was last in use?

> But we really should have a process so that once it's accepted it
> stays accepted, even when it moves to an other host.

How do you propose we solve this concrete issue?


Thijs

Reply to:

Follow-Ups:
- Re: many builds missing for krb5-appl & opensaml2 in stable-security
  - From: Thijs Kinkhorst <thijs@debian.org>

Prev by Date: Re: Please give-back aspectc++ on mips
Next by Date: Re: Please give-back aspectc++ on mips
Previous by thread: Re: Please give-back aspectc++ on mips
Next by thread: Re: many builds missing for krb5-appl & opensaml2 in stable-security
Index(es):
- Date
- Thread