Ian Weller wrote: > On Fri, Jul 23, 2010 at 03:39:25PM -0400, Ian Weller wrote: >> fedoraproject.org/data/content/keys.html | 39 +++++--- >> fedoraproject.org/data/content/verify.html | 2 +- >> fedoraproject.org/static/97A1071F.txt | 31 ++++++ >> fedoraproject.org/static/fedora.gpg | 146 ++++++++++++++-------------- >> fedoraproject.org/update-gpg-keys | 1 + >> 5 files changed, 132 insertions(+), 87 deletions(-) >> create mode 100644 fedoraproject.org/static/97A1071F.txt > > So this is the per-release Changing of the Keys, as requested by Jesse > Keating an hour or so ago in #fedora-admin. Todd did the patch last > time, I did my work based off of his. > > http://git.fedorahosted.org/git/?p=fedora-web.git;a=commitdiff;h=1840f96dd12abf5f5312cadd04a372f400b12a9b > > A lot of this was recreating what the process was last time from the > last diff, and talking with Todd. Turns out that it's hard to remember > what you have to do every six months because you only do it that often. > The process goes something like this: > > - cd $GIT/fedora-web/fedoraproject.org > - download the new key, put it somewhere > - edit update-gpg-keys, add key ID for recently EOL'd version > - $ ./update-gpg-key $PATHTONEWKEY > - $ gpg static/fedora.gpg # do this to verify the changes > - update data/content/{keys,verify}.html > > This is going to go in a SOP somewhere before I leave the office today. > > Look it over, +1 it, I'll push it when that's done twice. :) +1, thanks for deciphering things Ian. Somewhere in either our SOP or Jesse's release SOP would should add a bit on sending the new key to the keyservers, e.g.: gpg --import static/97A1071F.txt gpg --send-keys --keyserver hkp://keys.gnupg.net 0x97A1071F -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ How can I tell that the past isn't a fiction designed to account for the discrepancy between my immediate physical sensation and my state of mind? -- Douglas Adams
Attachment:
pgpsQhc0gZ4zN.pgp
Description: PGP signature
-- websites mailing list websites@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/websites
