> while i agree with rjh that destruction of the current SKS-based > keyserver network (either by technical or legal means) would today be a > net loss, this statement goes too far.
I welcome the correction, but I stand by my statement. Many users, particularly in corporate environments, roll their own packages and rely on the keyservers to propagate those signing keys worldwide. I know I've seen RHEL corporate networks doing this; I _believe_ I've seen Ubuntu-based corporate networks doing this. (Back in 2016 I wound up doing just this task for an RHEL network, while my officemate handled the Ubuntu machines -- I have no hands-on experience with the Ubuntu side of things, just recollections of hearing my officemate talk about them.) It is correct, though, to say official Debian packages would have minimal disruption. Thank you. :)
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users