martin f krafft wrote:
also sprach Martin Schulze [EMAIL PROTECTED] [2005.02.14.1851 +0100]:
We need help by competent developers who work on apt 0.6 with the goal
to get it supported properly and eventually enter sid and sarge.
Thank you, Joey!
For the record, I am too strung up right
Florian Weimer wrote:
* Henrique de Moraes Holschuh:
You still need to deal with key revocation and a new key being needed,
anyway. Yearly changes will not make it more difficult, it will make sure
those codepaths are tested (and used at least once an year).
I can understand that in an
* Martin Schulze:
Even though this will probably work well on a small scale, it won't on
a large scale. Just think about the installations of 500 or 1000
Debian machines that also have security support. This is not
hypothetical. These installations do exist. You don't want to
install a
Martin Schulze [EMAIL PROTECTED] writes:
| - key management,
- are able to review the key management part and
- design and discuss this with the release team
- (re-)design and discuss package updates and security updates
- take into account that the archive key is rotated yearly
Moin,
We need help by competent developers who work on apt 0.6 with the goal
to get it supported properly and eventually enter sid and sarge.
There is a good chance the release will happen before the issues with
apt 0.6 are resolved, so this may be a task that cannot address sarge
in time but
also sprach Martin Schulze [EMAIL PROTECTED] [2005.02.14.1851 +0100]:
We need help by competent developers who work on apt 0.6 with the goal
to get it supported properly and eventually enter sid and sarge.
Thank you, Joey!
For the record, I am too strung up right now to be any use in
On Mon, 14 Feb 2005, martin f krafft wrote:
also sprach Martin Schulze [EMAIL PROTECTED] [2005.02.14.1851 +0100]:
We need help by competent developers who work on apt 0.6 with the goal
to get it supported properly and eventually enter sid and sarge.
Thank you, Joey!
For the record, I am
On Mon, 14 Feb 2005, Henrique de Moraes Holschuh wrote:
Why? What argument is there against a per-release key, including
keys for security, testing, unstable, and experimental? It would
certainly make things a little easier...
You still need to deal with key revocation and a new key
also sprach Henrique de Moraes Holschuh [EMAIL PROTECTED] [2005.02.14.1933
+0100]:
You still need to deal with key revocation and a new key being
needed, anyway. Yearly changes will not make it more difficult,
it will make sure those codepaths are tested (and used at least
once an year).
I
On Mon, Feb 14, 2005 at 08:04:51PM +0100, Peter Palfrader wrote:
A similar 2 key system is probably a good idea for security, and maybe
also for the normal rotated keys (just ship 2005 and 2006 keys now).
i think having two keys would make logistics a lot simpler for release
upgrades, assuming
* Henrique de Moraes Holschuh:
You still need to deal with key revocation and a new key being needed,
anyway. Yearly changes will not make it more difficult, it will make sure
those codepaths are tested (and used at least once an year).
Right now, it's not codepaths, but system
Quoting Martin Schulze ([EMAIL PROTECTED]):
Moin,
We need help by competent developers who work on apt 0.6 with the goal
to get it supported properly and eventually enter sid and sarge.
There is a good chance the release will happen before the issues with
apt 0.6 are resolved, so this may
12 matches
Mail list logo