From Fedora Project Wiki
(Ask for what happens in a worst case scenario) |
No edit summary |
||
Line 1: | Line 1: | ||
* [[User:Markmc|markmc]] Yay! (is that helpful? :-) | * [[User:Markmc|markmc]] Yay! (is that helpful? :-) | ||
* [[User:Toshio|toshio]] So what happens when this single signing key is compromised? | * [[User:Toshio|toshio]] So what happens when this single signing key is compromised? | ||
** [[User:jkeating]] We create a new key, and start resigning things for the active releases. Ideally we'll be signing repodata by then too with keys that do change per release which can mitigate issues with existing repos. |
Revision as of 00:15, 19 June 2009
- markmc Yay! (is that helpful? :-)
- toshio So what happens when this single signing key is compromised?
- User:jkeating We create a new key, and start resigning things for the active releases. Ideally we'll be signing repodata by then too with keys that do change per release which can mitigate issues with existing repos.