On Fri, Apr 09, 2004 at 11:05:38AM -0500, kfogel@collab.net wrote:
> Okay, I think I've had an epiphany :-).
>
> There is nothing preventing any group of developers from getting
> together, generating a shared key, signing it with their personal keys
> (and those of anyone else they can persuade), and then using the
> shared key to sign the release.
>
> So, those of us who want to do that for the next release will just do
> it. That will probably include at least those of us in Chicago. I
> hope no one will mind if we call it the "SVN Release Key" or something
> similarly official-sounding. There's no reason to have two such keys,
> after all -- anyone who wants to can just sign this one (we can easily
> generate trust paths).
>
> If it later turns out to be a pain to manage, we just stop doing it.
> Some release announcement would simply say "We have stopped using a
> shared key to sign releases, due to key management concerns [or
> whatever], but we continue to sign with personal keys."
>
> In essence, this is Ben's proposal, on an experimental basis. Why
> speculate about problems that might come up, when we can just wing it?
> There's very little penalty for guessing wrong here, after all.
I'm fine with this. I'll certainly go the extra mile to do whatever
things need to be done to aid in the key management.
--
Ben Reser <ben@reser.org>
http://ben.reser.org
"Conscience is the inner voice which warns us somebody may be looking."
- H.L. Mencken
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@subversion.tigris.org
For additional commands, e-mail: dev-help@subversion.tigris.org
Received on Fri Apr 9 19:50:44 2004