nodata wrote: > Am Montag, den 01.09.2008, 16:19 -0400 schrieb Jon Stanley: >> On Mon, Sep 1, 2008 at 4:01 PM, Naheem Zaffar <naheemzaffar@xxxxxxxxx> wrote: >>> Are there any plans for a re-release of Fedora 9 with updated keys? >> Not as such, no. The current plan can be found at >> http://lists.fedoraproject.org/pipermail/rel-eng/2008-August/001627.html, >> with the latest draft of the actual locations over at >> http://lists.fedoraproject.org/pipermail/rel-eng/2008-August/001635.html >> and ensuing discussion >> >> This plan already has FESCo buy-in, with whatever minor tweaks rel-eng >> might need to make, but this is the essence of what's going to happen. >> > > "[The new] fedora-release is put into the OLD repo, signed by the OLD > key." > > Isn't this counter-intuitive? > The idea is that fedora-release contains the new key and the new repository location. So it has to go in the old repository, signed with the old key so people hitting the old repository get those. Maybe we should have two new fedora-release packages. The lower NEVR one can go in the OLD repo and the newer one in the new repo. (That way we end up with 0 packages signed by the old key on the new system). -Toshio
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
