May 17, 2021 21:53:01 Hauke Mehrtens <ha...@hauke-m.de>:

On 5/17/21 8:10 PM, Paul Spooren wrote:
On 5/16/21 3:57 PM, Hauke Mehrtens wrote:
On 5/16/21 3:26 PM, Hauke Mehrtens wrote:
Instead of adding all public signature keys from the openwrt-keyring
repository only add the key which is used to sign the OpenWrt 21.02 feeds.

If one of the other keys would be compromised this would not affect
users of 21.02 release builds.

Signed-off-by: Hauke Mehrtens <ha...@hauke-m.de>
---

Acked-by: Paul Spooren <m...@aparcar.org>

In my opinion this patch still lacks an *openwrt-next* key to allow a secure upgrade path between major releases.

We can also add this later in some service release.
Currently I wanted to remove all the personal keys from the trusted keys.

Hauke