Sean Whitton dijo [Thu, Jun 13, 2024 at 05:42:25AM +0800]: > > Actually, we can set acls on fingerprints and then that key wont be able > > to upload anymore. That is not something recorded in the keyrings or the > > DM list. Obviously that is not something used often (really really > > seldom), it is more for "this key is compromised badly, please turn off > > anything with it *NOW*" situations, which it's what Helmut meant with the > > urgent cases. > > Could you say more specifically how seldom, and also how long it usually > takes between you flicking the emergency switch, and the keyring team > pushing an update?
Quite hard to say. We have tried to cover differnt timezones between the (currently) three of us in keyring-maint, but it's not that uncommon we are all in North America. Sadly, it's not as common as I'd wish that we are all at DebConf. Usually, when we are notified of a compromised key (or keys that have to be urgently removed for urgent reasons), we act on it as soon as one of us can take it, and the keyring preparation + update + push process takes about one hour, tops. But there can be many reasons the three of us (keyring-maints) are unreachable for several hours.
