[D-m-team] Creating changesets
Joey Hess
joeyh at debian.org
Tue Nov 20 19:27:12 UTC 2007
Anthony Towns wrote:
> Doesn't keycheck need network to make sure its copy of the DD keyring is up
> to date?
It does support using cached data, doesn't need to hit the network every
time.
> Sorry, I meant revocations of the *DM* key. eg, the case where it's been
> stolen, and the thief is using the compromised key to get access to the
> Debian archive, eg.
Ah, definitly worth hitting the network to check that.
> Maybe a better approach would be to strip non-DD sigs, instead? That
> could apply to both the DM keyring and the DD keyring. I'm not sure how
> possible it is.
Not sure if it would save much overall. If a DM has a great many
non-debian sigs, that's probably interesting, too..
--
see shy jo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/d-m-team/attachments/20071120/8146c3f0/attachment.pgp
More information about the D-m-team
mailing list