Yes, that is what I meant. Sorry for any confusion about this. Thanks, Justin
On Tue, Feb 12, 2013 at 3:40 AM, Giovanni Bajo <[email protected]> wrote: > Il giorno 11/feb/2013, alle ore 20:33, Justin Cappos <[email protected]> > ha scritto: > > Once again, apologies for being mostly out of this discussion for the next > 10 days or so, but I did want to jump in and clarify a point. > > TUF can be used exactly with a one-key-per-devel model. (If fact, see > our CCS 10 paper on this for details.) > > It's possible to revoke keys and have split keys, etc. but a "simple" > developer setup is just as simple as what you propose. > > > Sorry I can't find this in the CCS10 document, but maybe it's just that I > don't understand what you mean. The document talks about 1 key per role > (ยง8.2), but there are still 4 roles that need to be implemented, as far as > I can tell. Are you suggesting that a single developer only handles the > target role, while the others are centrally handled by PyPI? > > -- > Giovanni Bajo :: [email protected] > Develer S.r.l. :: http://www.develer.com > > My Blog: http://giovanni.bajo.it > > > > > > > > _______________________________________________ > Catalog-SIG mailing list > [email protected] > http://mail.python.org/mailman/listinfo/catalog-sig > >
_______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
