On Sun, Jan 21, 2024 at 10:48:35AM -0800, Linus Torvalds wrote: > On Sat, 20 Jan 2024 at 22:30, Theodore Ts'o <tytso@xxxxxxx> wrote: > > > > Linus, you haven't been complaining about my key, which hopefully > > means that I'm not causing you headaches > > Well, honestly, while I pointed out that if everybody was expiring > keys, I'd have this headache once or twice a week, the reality is that > pretty much nobody is. There's James, you, and a handful of others. > > So in practice, I hit this every couple of months, not weekly. And if > I can pick up updates from the usual sources, it's all fine. James' > setup just doesn't match anybody elses, so it's grating. If we told those people who wantg to pursue key rotation to just always upload keys to the Kernel keyring, using the instructions here[1], and at the beginning of each merge window, you updated your local clone of the kernel keyring git repo[2], and then ran the scripts/korg-refresh-keys, the headache to you would be limited to running "cd ~/git/korg-pgpkeys ; git pull ; ./scripts/korg-refresh-keys" every 2 or 3 months. The work you'd have to do would be a fixed amount of work, even if more people were using PGP key rotation. [1] https://korg.docs.kernel.org/pgpkeys.html [2] https://git.kernel.org/pub/scm/docs/kernel/pgpkeys.git Would that be an acceptable (hopefully minimal!) amount of annoyance for you? - Ted
