On Fri, 2009-02-06 at 23:17 +0100, Joshua C. wrote:
> What about the signing server? How should it replace the human factor?
> Why is it so complicated to be implemented?

The signing server will replace the current act of a human inputting a GPG passphrase at package signing time. The server itself will use mechanisms so that the signing human just has to authenticate with the server, and the server will decide if that user is allowed to make use of a given key, and do the passphrasing for the user. It allows us to grant access to more humans without having to share the passphrase and the actual key files. Right now, to add anybody else to the signing pool, we have to give them the private keys as well as the passphrases, which means we can never revoke their ability to sign things under Fedora's name. With the signing server, we can revoke their rights to sign, and be done with it. They never possess the private key, nor the passphrase necessary to use it.

The complexity comes in with trying to design something that is secure, yet is usable by people on the Internet. Further complexity comes in with wanting to use larger bitsize keys for F11+ and the current koji code not supporting such keys. It is a multifaceted issue.

--
Jesse Keating
Fedora -- Freedom² is a feature!
identi.ca: http://identi.ca/jkeating
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
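The access model described in the message above, as an added sketch that is not Fedora's signing server code: signers authenticate with a per-user token, the server decides per key whether to sign, and revoking a person leaves the key and earlier signatures untouched. The class, method, user and key names are hypothetical, and HMAC-SHA256 stands in for the GPG signature so the example runs with the standard library only.

```python
import hashlib
import hmac
import secrets


class SigningServer:
    def __init__(self, key_names):
        # Key material lives only here and is never returned to a caller.
        self._keys = {n: secrets.token_bytes(32) for n in key_names}
        self._grants = {n: set() for n in key_names}  # key -> allowed users
        self._tokens = {}                             # SHA-256(token) -> user

    def enroll(self, user):
        token = secrets.token_urlsafe(32)
        self._tokens[hashlib.sha256(token.encode()).hexdigest()] = user
        return token  # the only secret the human ever holds

    def grant(self, user, name):
        self._grants[name].add(user)

    def revoke(self, user, name):
        self._grants[name].discard(user)

    def _mac(self, name, payload):
        # Assumption of this sketch: HMAC replaces the real GPG signing step.
        return hmac.new(self._keys[name], payload, hashlib.sha256).hexdigest()

    def sign(self, token, name, payload):
        user = self._tokens.get(hashlib.sha256(token.encode()).hexdigest())
        if user is None or user not in self._grants.get(name, ()):
            raise PermissionError("not authorized to sign with " + name)
        return self._mac(name, payload)

    def verify(self, name, payload, signature):
        return hmac.compare_digest(self._mac(name, payload), signature)


def demo():
    server = SigningServer(["example-key"])      # constructed key name
    token = server.enroll("alice")               # constructed user
    server.grant("alice", "example-key")
    pkg = b"constructed package bytes"
    sig = server.sign(token, "example-key", pkg)
    server.revoke("alice", "example-key")        # the key is not rotated
    try:
        server.sign(token, "example-key", pkg)
        still_allowed = True
    except PermissionError:
        still_allowed = False
    return server.verify("example-key", pkg, sig), still_allowed
```

`demo()` returns `(True, False)`: the signature made before revocation still verifies, and the revoked user's unchanged token no longer produces one.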