* Anthony Towns (aj@azure.humbug.org.au) [060730 15:10]:
On Sun, Jul 30, 2006 at 12:56:26PM +0200, Martin Schulze wrote:
Florian Weimer stated[4] that the only approach known to work is
static keys for stable releases and stable security updates.
For stable updates, an off-site key would
Anthony Towns aj@azure.humbug.org.au writes:
Joey: Thanks for the Bcc.
On Sun, Jul 30, 2006 at 12:56:26PM +0200, Martin Schulze wrote:
5. http://lists.debian.org/debian-release/2006/07/msg00202.html
Rapha?l Hertzog suggested[2] to use two signatures, one from a yearly
key and one from a
Last week I started a discussion[1] to find out the current status of key
management in Secure APT which is a release goal for etch and said to
be included in the next release of Debian. I don't find the situation
terribly promising, though, but here's a summary, so we may come to a
solution some
Joey: Thanks for the Bcc.
On Sun, Jul 30, 2006 at 12:56:26PM +0200, Martin Schulze wrote:
The way he envisions key management is that every Debian machine
trusts the SPI CA. Debian should provide a webpage for downloading
and verifying keys, protected by SSL/TLS. The use would require
I
also sprach Anthony Towns aj@azure.humbug.org.au [2006.07.30.1408 +0100]:
On Sun, Jul 30, 2006 at 12:56:26PM +0200, Martin Schulze wrote:
The way he envisions key management is that every Debian machine
trusts the SPI CA. Debian should provide a webpage for downloading
and verifying keys,
5 matches
Mail list logo