dev/archive/signing: Consider not distributing keys with prokit

Rely on existing PKI and leave keyring management to users.
author: Patrick McDermott <pehjota> 2018-06-24 22:27:14 (EDT)
committer: Patrick McDermott <pehjota> 2018-06-24 22:27:14 (EDT)
commit: da74882bfe0a3cf57e2d4d0a4bbd726652879587 (patch)
tree: 3a2dacd75c4d2755d8d995931bfd703e7dc28cbe
parent: 2307bbd7a858590b6ae21481a35be51352478062 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/dev/archive/signing.mdwn b/dev/archive/signing.mdwn
index e7d6168..0dfd6be 100644
--- a/dev/archive/signing.mdwn
+++ b/dev/archive/signing.mdwn
@@ -39,6 +39,15 @@ key(s) into their keyring.
 If keys are distributed with prokit, **revocations and key transitions need to
 be handled somehow**.
 
+A user already has to import a key into their own keyring to verify their prokit
+download.  Maybe it's better to just instruct users to also download the archive
+signing key(s) into their keyrings.  This takes advantage of existing PKI, and
+leaves users to make sure their keyring is kept updated with signatures,
+revocations, changed expiration dates, and transitions.  It also avoids having
+released prokit versions "expire" due to included keys expiring.
+
+Suggestions welcome.
+
 Opkg
 ----
author	Patrick McDermott <pehjota>	2018-06-24 22:27:14 (EDT)
committer	Patrick McDermott <pehjota>	2018-06-24 22:27:14 (EDT)
commit	da74882bfe0a3cf57e2d4d0a4bbd726652879587 (patch)
tree	3a2dacd75c4d2755d8d995931bfd703e7dc28cbe
parent	2307bbd7a858590b6ae21481a35be51352478062 (diff)