[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: New Key Repo Locations



Axel Thimm wrote:
If ATM the key is considered stolen, the users need to stop using the
key immediately anyway. Issuing a new package signed with the old key
is just keeping the racing window open.

(...snip...)


I agree with you for the most part, but I'll leave the risk assessment and corresponding consequential response paradigm to the ones that know best what happened and are actually in a position to decide whether or not to revoke keys and nuke content or to make it an easy transition now just to be safe rather then sorry.

Kind regards,

Jeroen van Meeuwen
-kanarip


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]