On 5/17/21 8:10 PM, Paul Spooren wrote:
On 5/16/21 3:57 PM, Hauke Mehrtens wrote:In my opinion this patch still lacks a *openwrt-next* key to allow a secure upgrade path between major releases.On 5/16/21 3:26 PM, Hauke Mehrtens wrote:Instead of adding all public signature keys from the openwrt-keyringrepository only add the key which is used to sign the OpenWrt 21.02 feeds.If one of the other keys would be compromised this would not affect users of 21.02 release builds. Signed-off-by: Hauke Mehrtens <ha...@hauke-m.de> ---
We can also add this later in some service release. Currently I wanted to remove all the personal keys from the trusted keys. Hauke
OpenPGP_0x93DD20630910B515.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel