On Fri, Mar 25, 2011 at 3:15 AM, Torsten Veller <ml-en@veller.wrote: > * Mike Frysinger <vap...@gentoo.org>: >> On Thu, Mar 24, 2011 at 8:09 PM, Antoni Grzymala wrote: > [Manifest signing] >> > Does that get us any closer to GLEPs 57, 58, 59 (or generally >> > approaching the tree-signing/verifying group of problems)? >> >> yes > > I think, it's a "no". > The MetaManifest GLEP relies on a signed top-level "MetaManifest" which > hashes all sub Manifests, whether they are signed or not doesn't matter.
that's *one* of the three gleps > Do you want to reject signed commits if > - keys are not publicly available [1] no. e-mail warnings will be issued so that the dev can upload it after the fact. > - signatures are from expired keys [2] not generally an issue since gpg itself will not allow it, but i guess we can be paranoid about it on the server to avoid people locally turning back their clocks after having snipped someones expired key. we might want to add an automatic e-mail warning to the developer when their key is about to expire (like 1 week). > - keys are revoked [3] yes > - keys are not listed in userinfo.xml (current or former devs) [4] no. you can sign a key with your personal key and that's good enough. -mike
