[Dwn-trans-commit] CVS public_html/src/Writing/DWN
CVS User joey
joey at infodrom.org
Sun Jul 30 11:18:59 UTC 2006
Update of /var/cvs/infodrom.org/public_html/src/Writing/DWN
In directory finlandia:/home/users/joey/Projects/Web/public_html/src/Writing/DWN
Modified Files:
dwn-2006-31.wml
Log Message:
Secure APT Key Management
--- /var/cvs/infodrom.org/public_html/src/Writing/DWN/dwn-2006-31.wml 2006/07/30 05:59:06 1.10
+++ /var/cvs/infodrom.org/public_html/src/Writing/DWN/dwn-2006-31.wml 2006/07/30 11:18:59 1.11
@@ -45,6 +45,19 @@
its website, cooperate on press releases provide and a supportive basis for
future cooperation and consultation.</p>
+<p><strong>Key Management for Secure APT.</strong> Joey Schulze <a
+href="http://lists.debian.org/debian-release/2006/07/msg00192.html">\
+wondered</a> if key management could be added into <a
+href="http://packages.debian.org/apt">APT</a> in time for the <a
+href="$(HOME)/releases/etch/">etch</a> release. Martin Krafft <a
+href="http://lists.debian.org/debian-release/2006/07/msg00194.html">\
+disencouraged</a> plain automatic key upgrades since they are too vulnerable
+for attacks and prefers a third party authority to sign the keys. Florian
+Weimer <a
+href="http://lists.debian.org/debian-release/2006/07/msg00201.html">\
+stated</a> hat the only approach known to work is static keys for stable
+releases and stable security updates.</p>
+
<p><strong>Security Updates.</strong> You know the drill. Please make sure
that you update your systems if you have any of these packages installed.</p>
More information about the Dwn-trans-commit
mailing list