Time to resurrect multi-key signatures in RPM?
Bojan Smojver
bojan at rexursive.com
Sat Aug 30 00:11:35 UTC 2008
Bojan Smojver <bojan <at> rexursive.com> writes:
> Say there are 10 signatories in the pool. Yum would check that:
>
> - the package is signed with the Fedora key
> - the package is signed by at least N (say 2) other keys from the pool
> - failing the above, it would not accept the package
Just for completeness, yum could alternatively accept say 5 keys from the pool
(but no Fedora key), so that any compromise of the central key does not cause
the current "change the Fedora key" hoopla. Simply resign by others and continue.
--
Bojan
More information about the fedora-devel-list
mailing list