Re: Time to resurrect multi-key signatures in RPM?

On 30/08/2008, Bojan Smojver <bojan@xxxxxxxxxxxxx> wrote:

> Just for completeness, yum could alternatively accept say 5 keys from the
> pool (but no Fedora key), so that any compromise of the central key does
> not cause the current "change the Fedora key" hoopla. Simply resign by
> others and continue.

What might be good is only signing packages with one or two keys, but
only allowing those keys' public parts to be updated in the rpm database
(or wherever) if signed by a much larger number of keys, which would
be owned by some trusted people from the Fedora project. Then
automated rollover could be done by simply providing a new "keyring"
in updates.

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list
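
The rollover rule proposed in this message, as an added sketch that is not part of the original post or of rpm/yum: a new keyring is accepted only when enough distinct trusted keys have signed it. Lamport one-time hash signatures stand in for OpenPGP signatures so it runs on the standard library alone; the function names, the 3-of-5 threshold and the serial number used to refuse an older keyring are assumptions.

```python
import hashlib, os

def H(b):
    return hashlib.sha256(b).digest()

def bits(msg):  # 256 digest bits select which secret of each pair is revealed
    d = H(msg)
    return [(d[i // 8] >> (i % 8)) & 1 for i in range(256)]

def keygen():  # Lamport one-time key: stand-in for a trustee's OpenPGP key
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, [(H(a), H(b)) for a, b in sk]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, bits(msg))))

def fingerprint(pk):
    return H(b"".join(a + b for a, b in pk)).hex()[:16]

def payload(serial, keyring):  # signatures cover serial + keyring bytes
    return serial.to_bytes(8, "big") + keyring

def accept_keyring(trustees, threshold, current_serial, serial, keyring, sigs):
    if serial <= current_serial:  # assumption: serial blocks replay of an old keyring
        return False
    msg = payload(serial, keyring)
    valid = {fp for fp, sig in sigs
             if fp in trustees and verify(trustees[fp], msg, sig)}
    return len(valid) >= threshold  # set: each trustee counts once

def demo():
    keys = [keygen() for _ in range(5)]  # constructed trustee pool
    trustees = {fingerprint(pk): pk for _, pk in keys}
    new_ring = b"constructed-new-package-signing-key"
    msg = payload(2, new_ring)
    sigs = [(fingerprint(pk), sign(sk, msg)) for sk, pk in keys[:3]]
    outsider_sk, outsider_pk = keygen()  # not in the trusted pool
    padded = sigs[:2] + [sigs[0], (fingerprint(outsider_pk), sign(outsider_sk, msg))]
    return {
        "three_trustees": accept_keyring(trustees, 3, 1, 2, new_ring, sigs),
        "two_plus_padding": accept_keyring(trustees, 3, 1, 2, new_ring, padded),
        "tampered_ring": accept_keyring(trustees, 3, 1, 2, new_ring + b"!", sigs),
        "replayed_serial": accept_keyring(trustees, 3, 2, 2, new_ring, sigs),
    }
```

Calling `demo()` returns the four decisions; only the keyring signed by three distinct trustees is accepted.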
