* Matthew Toseland <[EMAIL PROTECTED]> [2006-05-19 20:04:14]:

> On Fri, May 19, 2006 at 08:38:35PM +0200, Lars Juel Nielsen wrote:
> > 
> > I like the initial post but as Ian say it is overkill at least for
> > now. The problem is, how hard will it be to update it later to a
> > better solution if needed?
> > 
> > As far as I can see Matthew's proposal cover any possible case,
> > including the one Ian argument for being the most likely which is
> > probably is too, but it's not 95% of all cases.
> 
> I'd prefer not to implement something that was way too simple, and have
> to complicate things later by keeping back-compatibility.

I don't think that having two kinds of revocation keys would hurt.

I do think we need some kind of revocable USK soon, ... a simple thing:
no trustees nor "new key". Just something to advertise that the key has
been blown and that the user has to look for a new one by "other means".

> 
> But I don't see that it's a really urgent problem anyway; update from
> the web site does work, this is more of a strategic question. Certainly
> good to have for 0.7.0, but it's not necessary to have it for next week.
> Not that I'm saying it would take a week to implement. But I don't see
> any reason to implement something which is below the minimum which would
> be necessary to be used by FPI for auto-updating and a project freesite.

Attachment: signature.asc
Description: Digital signature

_______________________________________________
Devl mailing list
[email protected]
http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl

Reply via email to