New Key Repo Locations
Warren Togami
wtogami at redhat.com
Fri Aug 29 04:15:23 UTC 2008
Jeroen van Meeuwen wrote:
>>> Will the ISOs be respun to reflect the changes as well so that what is
>>> in os/ or in os.newkey/ meets what each of the ISO expects? I guess this
>>> is primarily relevant to respins, netinstalls and so forth, as the old
>>> RPM-GPG-KEYs will be in the root of those ISOs and I can only presume
>>> they are used, and people will want to use os.newkey/ as the tree to
>>> install from.
>> At this time, the isos will not be respun. We will however re-sign the
>> SHA1SUM file with the new gpg key. We are certain that the content on
>> the ISOs (and the numerous hard copies floating about) are safe. The
>> only content to be left in the repos these isos will be able to access
>> out of the box will be the transition fedora-update release, and the
>> fixed packagekit for gpg importing. We'll also have mirrormanager
>> direct all requests for the old dir directly to mirrors which we have
>> ultimate control over.
>>
>
> I'm not sure how that solves the net install use case, especially if
> mirrormanager is going to redirect to os.newkey/, as signatures used on
> os.newkey/ packages will not meet what the installer expects the
> signature to be on these files.
>
You misunderstand the New Key plan. Mirrormanager for the existing
repos fedora, updates and updates-testing will not redirect to the new
location. Please read the plan again carefully.
Warren Togami
wtogami at redhat.com
More information about the Fedora-infrastructure-list
mailing list