Hi,
On Wed, Jan 28, 2015 at 06:10:13PM -0500, Paul Wouters wrote:
I could put them under fedor...@fedoraproject.org ?
Please use fedora-xx-primary and fedora-xx-secondary, these are now used
starting with Fedora 23.
Regards
Till
--
devel mailing list
devel@lists.fedoraproject.org
Paul Wouters wrote:
On Wed, 28 Jan 2015, Till Maas wrote:
| 5) almost all these keys are old keys of which I could forge a fake
| matching keyid and upload it to public key servers.
Can you explain this? For which keys is this not possiblea
On Wed, 28 Jan 2015, Till Maas wrote:
The keyid is part of the fingerprint, so with the fingerprint one can
download the key and verify it. Therefore it is the only right thing to
do.
I'm not saying don't store the fingerprint, but use a separate field for
that which is not the keyid field.
On Wed, Jan 28, 2015 at 06:10:13PM -0500, Paul Wouters wrote:
On Wed, 28 Jan 2015, Till Maas wrote:
The keyid is part of the fingerprint, so with the fingerprint one can
download the key and verify it. Therefore it is the only right thing to
do.
I'm not saying don't store the fingerprint,
