Re: many builds missing for krb5-appl & opensaml2 in stable-security
Op maandag 03 oktober 2011 19:48:47 schreef Thijs Kinkhorst:
> Hi Kurt,
>
> Op zondag 25 september 2011 17:48:46 schreef Kurt Roeckx:
> > On Sun, Sep 25, 2011 at 01:35:46PM +0200, Kurt Roeckx wrote:
> > > I also don't understand why they get rejected once the key
> > > expired. The signatures are from before the key expired and
> > > perfectly valid.
> >
> > I should probably clarify this. Of course you can't trust that
> > the signature wasn't made after the key expired.
>
> Why do these keys expire so quickly? Can't we have a really large window,
> say a year, in which the key stays valid after the date it was last in
> use?
>
> > But we really should have a process so that once it's accepted it
> > stays accepted, even when it moves to an other host.
>
> How do you propose we solve this concrete issue?
I prefer that at least the krb5-appl and opensaml2 builds are made available
before the point release this weekend. Let me know what I can do to help.
Thijs
Reply to: