RFC: FESCo Future

seth vidal skvidal at linux.duke.edu
Tue Apr 25 05:06:50 UTC 2006

On Mon, 2006-04-24 at 18:55 +0200, Michael Schwendt wrote:
> On Sun, 23 Apr 2006 23:12:32 -0400, seth vidal wrote:
> > Also how do we handle the issue of security in
> > terms of the package-signing key during transitions? Clearly anyone
> > outgoing shouldn't keep access to the key.
> "Clearly"?
> At present, not everybody in FESCO has access to the sign/push scripts or
> the master repository. Access was granted based on an established level of
> trust, wasn't it? If people in FESCO are replaced, do you really want to
> throw away such an establishment? Wow! That's a step backwards IMO.

I don't understand what you mean here. I think we've got some sort of

Here's what I'm saying:

we have N signers right now. At some point it is conceivable that one of
the signers will stop working on the project. I do not mean anything
about the people leaving FESCO - I mean about the people leaving the
group of signers.


More information about the fedora-extras-list mailing list