[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Proposal: Single GPG key per Fedora release (starting with 11)

On Mon, Apr 20, 2009 at 6:17 PM, Jesse Keating <jkeating redhat com> wrote:
As I mentioned in an earlier thread I was interested in reducing the
number of gpg keys down to one per release.  Currently we have two, one
we sign development builds with during beta/preview and updates-testing,
and then one we sign the released packages with and the stable updates
with.  Multiple keys per release creates a lot of churn, reduces the
number of hardlinks we can maintain, and causes a lot of delay in
getting package sets prepped for the different releases.  As such I'm
proposing that we reduce the keys down to one per release, used for all
the scenarios listed, starting with Fedora 11.  There is already a
Fedora 11 key that was used to sign beta and will be used to sign
preview release, I would just revoke / delete the current ID which
mentions testing and replace it with an ID of just "Fedora 11".
fedora-release will be modified to handle this in the repo files as

If there are no strong reasonable objections this will happen early this
week in time for the Preview release.

Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating

fedora-devel-list mailing list
fedora-devel-list redhat com

This is a very reasonable request. I definitely support this. +1

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]