Merge remote-tracking branch 'origin/master'

Conflicts:
	dev/archive/signing.mdwn

1 files changed, 12 insertions, 4 deletions

diff --git a/dev/archive/signing.mdwn b/dev/archive/signing.mdwn
index dbd094e..83d98df 100644
--- a/dev/archive/signing.mdwn
+++ b/dev/archive/signing.mdwn
@@ -14,10 +14,9 @@ Implementation
 ProteanOS Archive Manager
 -------------------------
 
-[[pro-archman|dev/pro-archman]] will gain two new options: one to enable archive
-signing and one to specify a signing key.  If archive signing is enabled,
-pro-archman will run `gpg` to sign, with the specified key, `Packages` feed
-index files when generated.
+[[pro-archman|dev/pro-archman]] will gain a new option: an archive signing key.
+If a key is provided, pro-archman will run `gpg` to sign, with the specified
+key, `Packages` feed index files when generated.
 
 A `gpg` executable will be an optional dependency, found by the `configure`
 script at build time.
@@ -52,6 +51,15 @@ prokit.  prokit should find and use only archive signing keys (by a user ID
 specified in the profile) that are signed by a non-revoked previous key (or a
 signed chain of keys with the user ID).
 
+A user already has to import a key into their own keyring to verify their prokit
+download.  Maybe it's better to just instruct users to also download the archive
+signing key(s) into their keyrings.  This takes advantage of existing PKI, and
+leaves users to make sure their keyring is kept updated with signatures,
+revocations, changed expiration dates, and transitions.  It also avoids having
+released prokit versions "expire" due to included keys expiring.
+
+Suggestions welcome.
+
 Opkg
 ----