zarb-ml/mageia-dev/20110131/002386.html


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
 <HEAD>
   <TITLE> [Mageia-dev] PGP keys and package signing
   </TITLE>
   <LINK REL="Index" HREF="index.html" >
   <LINK REL="made" HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20PGP%20keys%20and%20package%20signing&In-Reply-To=%3CAANLkTik8tetqX1DCSp2LAU_qOZEoXVDOZkjCF9Yy0Pae%40mail.gmail.com%3E">
   <META NAME="robots" CONTENT="index,nofollow">
   <META http-equiv="Content-Type" content="text/html; charset=us-ascii">
   <LINK REL="Previous"  HREF="002403.html">
   <LINK REL="Next"  HREF="002387.html">
 </HEAD>
 <BODY BGCOLOR="#ffffff">
   <H1>[Mageia-dev] PGP keys and package signing</H1>
    <B>Christophe Fergeau</B> 
    <A HREF="mailto:mageia-dev%40mageia.org?Subject=Re%3A%20%5BMageia-dev%5D%20PGP%20keys%20and%20package%20signing&In-Reply-To=%3CAANLkTik8tetqX1DCSp2LAU_qOZEoXVDOZkjCF9Yy0Pae%40mail.gmail.com%3E"
       TITLE="[Mageia-dev] PGP keys and package signing">cfergeau at gmail.com
       </A><BR>
    <I>Mon Jan 31 12:13:04 CET 2011</I>
    <P><UL>
        <LI>Previous message: <A HREF="002403.html">[Mageia-dev] PGP keys and package signing
</A></li>
        <LI>Next message: <A HREF="002387.html">[Mageia-dev] PGP keys and package signing
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#2386">[ date ]</a>
              <a href="thread.html#2386">[ thread ]</a>
              <a href="subject.html#2386">[ subject ]</a>
              <a href="author.html#2386">[ author ]</a>
         </LI>
       </UL>
    <HR>  
<!--beginarticle-->
<PRE>Hey,

2011/1/31 nicolas vigier &lt;<A HREF="https://www.mageia.org/mailman/listinfo/mageia-dev">boklm at mars-attacks.org</A>&gt;:
&gt;<i> &#160;- In case we think the packages@ key may have been compromised, or is
</I>&gt;<i> &#160; too old, or we want to change it for any other reason, we revoke the
</I>&gt;<i> &#160; key, and/or revoke the signature from board@ so that it is no
</I>&gt;<i> &#160; longer accepted by urpmi. We create a new key, we sign it with
</I>&gt;<i> &#160; the board@ key and we can start to use this new key.
</I>
Will all existing packages be reviewed and resigned when they key is
thought to have been compromised? What happens on user systems when
this is done? Will they have to reinstall all packages signed with the
new key?

Christophe
</PRE>


<!--endarticle-->
    <HR>
    <P><UL>
        <!--threads-->
	<LI>Previous message: <A HREF="002403.html">[Mageia-dev] PGP keys and package signing
</A></li>
	<LI>Next message: <A HREF="002387.html">[Mageia-dev] PGP keys and package signing
</A></li>
         <LI> <B>Messages sorted by:</B> 
              <a href="date.html#2386">[ date ]</a>
              <a href="thread.html#2386">[ thread ]</a>
              <a href="subject.html#2386">[ subject ]</a>
              <a href="author.html#2386">[ author ]</a>
         </LI>
       </UL>

<hr>
<a href="https://www.mageia.org/mailman/listinfo/mageia-dev">More information about the Mageia-dev
mailing list</a><br>
</body></html>