Hi Emilio,

On Fri, May 05, 2023 at 02:15:15PM +0200, Emilio Pozuelo Monfort wrote:
> Control: forwarded -1 
> https://salsa.debian.org/ftp-team/dak/-/merge_requests/270
> Hi,
> On Wed, 09 Mar 2016 19:36:02 +0100 Moritz Muehlenhoff <j...@debian.org> wrote:
> > Package: ftp.debian.org
> > Severity: wishlist
> > 
> > This was discussed at one of the past security team meetings, but
> > there was never a bug for that:
> > 
> > (This is a first high level view, the exact requirements can be hashed
> > out later.)
> > 
> > Right now to release a security update one needs shell access on
> > security-master. It would be great to allow the release of a security
> > update via a PGP-signed control message (similar to how changes files
> > need to be signed to allow uploads).
> > 
> > The next step would then be an ACL mechanism where trusted DDs can be
> > granted the possibility to release DSAs on their own (after the
> > security team having acked the debdiff). (This also needs some tweaks
> > for the debian-security-announce moderation script, but that's
> > unrelated to this task.
> There's now a MR at [1] that should address the ACL for dak. Feel free to
> comment if you have any feedback.

It looks ftp-master have implemented now part on dak side for it
according to your MR, but how would that would be used? How wold a
package in the embargoed policy queues be released accordingly with a
signed commands file? What setup steps are needed on our end? 


Reply via email to