Diffstat (limited to 'dev')
-rw-r--r-- | dev/archive/signing.mdwn | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/dev/archive/signing.mdwn b/dev/archive/signing.mdwn index 0dfd6be..83d98df 100644 --- a/dev/archive/signing.mdwn +++ b/dev/archive/signing.mdwn @@ -39,6 +39,18 @@ key(s) into their keyring. If keys are distributed with prokit, **revocations and key transitions need to be handled somehow**. +New keys can be distributed with new versions of prokit, though this would +require users to upgrade prokit to get new keys. Revocations, being more of a +security risk that can go unnoticed by users, would need to be more actively and +immediately received by users. prokit could perhaps check a key server (over +HKPS) each time before using a key. + +And if prokit needs to check key servers anyway, it could also use them to find +new archive signing keys, as long as at least one "seed" key is distributed with +prokit. prokit should find and use only archive signing keys (by a user ID +specified in the profile) that are signed by a non-revoked previous key (or a +signed chain of keys with the user ID). + A user already has to import a key into their own keyring to verify their prokit download. Maybe it's better to just instruct users to also download the archive signing key(s) into their keyrings. This takes advantage of existing PKI, and @@ -72,7 +84,11 @@ plan would simplify this by getting rid of the `libopkg.1` and `libopkg.1-dev` packages altogether. The `opkg` source package could then build just `opkg`, `opkg-gpg`, `opkg-dbg`, and `opkg-doc` binary packages. -The DOT-language dependency graph (which can be rendered as a PNG image with the +GPGME Dependencies +================== + +As noted above, gpgme depends on various packages. Following is the +DOT-language dependency graph (which can be rendered as a PNG image with the command pipeline in the header comment, if saved as `gpgme.dot`): /* |
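Review bot: In the first hunk (@@ -39,6 +39,18 @@), the proposal to "check a key server (over HKPS) each time before using a key" leaves the failure behaviour unspecified. Say whether prokit refuses to proceed or falls back to the locally held key when the server is unreachable or the lookup fails, since a silent fallback means a blocked lookup hides a revocation, which is the case the paragraph is trying to cover. In the second added paragraph, "signed by a non-revoked previous key" should also state how certifications made by a key that is later revoked are treated, because a key revoked for compromise may already have signed a successor. It would also help to spell out that the user ID match alone is never sufficient and that the chain must end at a seed key shipped with prokit.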
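Review bot: In the second hunk (@@ -72,7 +84,11 @@), the new lead-in "As noted above, gpgme depends on various packages. Following is the DOT-language dependency graph" is vague and awkward. Consider folding it into one sentence such as "The following DOT-language dependency graph shows the packages gpgme depends on", and either drop "As noted above" or name the section it refers to. The heading writes "GPGME" while the body writes "gpgme"; pick one spelling for the library name.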