New Key Repo Locations

Warren Togami wtogami at
Sun Aug 31 03:53:36 UTC 2008

Axel Thimm wrote:
> Either the key is considered compromized and one needs to do the full
> program, or it is reasonably considered safe (by a brute-force safe
> passphrase and really assuming the passphrase has not been lost to the
> intruder as well), in which case no steps are needed, but phasing it
> out before the computing power gets accessible to break it (e.g. new
> keys for F10 upwards).
> The current program looks like a mix of assuming "safe" (so the old
> key can be used for signing new packages, even if it just a few) and
> assuming "compromised" needing a resiging of all content.

It turns out that we're ahead of schedule in re-signing.  Due to bodhi 
limitations we needed to resign all updates before pushing any new 
updates, and that is done now.  I have to check with Jesse but I suspect 
resigning of Everything should be done early during this upcoming week. 
    (It might even be close to done now, I dunno.)
The re-signing of Everything however is not blocking implementation of 
the first stages of the plan - which includes updates going out.

Anyhow, updates should begin flowing soon, and shortly thereafter the 
old key is removed.  Oh, did you actually test rpm -e during %post? 
According to skvidal it doesn't work because it locks the transaction. 
Jeremy thinks the only assured way we can remove the old key is with a 
hardcoded hack in rpm that will be removed in F10 rpm.

Warren Togami
wtogami at

More information about the Fedora-infrastructure-list mailing list