* Matthew Toseland <toad at amphibian.dyndns.org> [2006-05-19 20:04:14]:
> On Fri, May 19, 2006 at 08:38:35PM +0200, Lars Juel Nielsen wrote: > > > > I like the initial post but as Ian say it is overkill at least for > > now. The problem is, how hard will it be to update it later to a > > better solution if needed? > > > > As far as I can see Matthew's proposal cover any possible case, > > including the one Ian argument for being the most likely which is > > probably is too, but it's not 95% of all cases. > > I'd prefer not to implement something that was way too simple, and have > to complicate things later by keeping back-compatibility. I don't think that having two kinds of revocation keys would hurt. I do think we need some kind of revocable USK soon, ... a simple thing: no trustees nor "new key". Just something to advertise that the key has been blown and that the user has to look for a new one by "other means". > > But I don't see that it's a really urgent problem anyway; update from > the web site does work, this is more of a strategic question. Certainly > good to have for 0.7.0, but it's not necessary to have it for next week. > Not that I'm saying it would take a week to implement. But I don't see > any reason to implement something which is below the minimum which would > be necessary to be used by FPI for auto-updating and a project freesite. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20060519/586eeea0/attachment.pgp>
