On 10/02/11, 03:57:46, Ben Walton <[email protected]> wrote regarding Re: [csw-maintainers] [policy] GPG Signing Key handling:
> > the release manager, and the backup release manager. So it is > > already redundantly held. > Nothing slight against James, but as he's not a member, his holding > the key does not count as redundancy for the purpose of this > discussion. If I were a member I could leave so the point is invalid. I have held the key since before OpenCSW existed so the point is doubly invalid. This is because of the practical problem of how people relinquish knowledge at cessation of a role. An escrow was required and for now I have provided that service. Of course trust is used and a risk exists but assess what the risk is and how alternative plans reduce or remove risk and reliance on trust. James. _______________________________________________ maintainers mailing list [email protected] https://lists.opencsw.org/mailman/listinfo/maintainers .:: This mailing list's archive is public. ::.
