On Sun, 03 Nov 2013, Stephen Gran wrote: > This one time, at band camp, Henrique de Moraes Holschuh said: > > For a more precise answer, please ask the debian-admin ML. > > Why? DSA has nothing to do with this.
Hmm, come to think of it you're correct that they're not the best team to ask about it. On second thought, ftp-masters are probably the best team to ask about this, along with the Debian release team. Anyway, it looks like it would be best to have the emergency key revocation and roll-over procedure written down and published to the public. If it is already out there, a pointer would be appreciated. AFAIK, the *regular* key rollovers are handled by a normal update of the debian-archive-keyring package (extended to stable and old-stable as well), plus email notification to the debian-announce ML. -- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20131103205250.ga14...@khazad-dum.debian.net