RFC: FESCo Future
seth vidal
skvidal at linux.duke.edu
Tue Apr 25 05:06:50 UTC 2006
On Mon, 2006-04-24 at 18:55 +0200, Michael Schwendt wrote:
> On Sun, 23 Apr 2006 23:12:32 -0400, seth vidal wrote:
>
> > Also how do we handle the issue of security in
> > terms of the package-signing key during transitions? Clearly anyone
> > outgoing shouldn't keep access to the key.
>
> "Clearly"?
>
> At present, not everybody in FESCO has access to the sign/push scripts or
> the master repository. Access was granted based on an established level of
> trust, wasn't it? If people in FESCO are replaced, do you really want to
> throw away such an establishment? Wow! That's a step backwards IMO.
I don't understand what you mean here. I think we've got some sort of
miscommunication.
Here's what I'm saying:
we have N signers right now. At some point it is conceivable that one of
the signers will stop working on the project. I do not mean anything
about the people leaving FESCO - I mean about the people leaving the
group of signers.
-sv
More information about the fedora-extras-list
mailing list