From 058a3c551d9b3402bef9ebf89151e20e4897e080 Mon Sep 17 00:00:00 2001 From: Patrick McDermott Date: Sat, 23 Mar 2019 14:43:35 -0400 Subject: Merge remote-tracking branch 'origin/master' Conflicts: dev/archive/signing.mdwn --- (limited to 'dev/archive/signing.mdwn') diff --git a/dev/archive/signing.mdwn b/dev/archive/signing.mdwn index dbd094e..83d98df 100644 --- a/dev/archive/signing.mdwn +++ b/dev/archive/signing.mdwn @@ -14,10 +14,9 @@ Implementation ProteanOS Archive Manager ------------------------- -[[pro-archman|dev/pro-archman]] will gain two new options: one to enable archive -signing and one to specify a signing key. If archive signing is enabled, -pro-archman will run `gpg` to sign, with the specified key, `Packages` feed -index files when generated. +[[pro-archman|dev/pro-archman]] will gain a new option: an archive signing key. +If a key is provided, pro-archman will run `gpg` to sign, with the specified +key, `Packages` feed index files when generated. A `gpg` executable will be an optional dependency, found by the `configure` script at build time. @@ -52,6 +51,15 @@ prokit. prokit should find and use only archive signing keys (by a user ID specified in the profile) that are signed by a non-revoked previous key (or a signed chain of keys with the user ID). +A user already has to import a key into their own keyring to verify their prokit +download. Maybe it's better to just instruct users to also download the archive +signing key(s) into their keyrings. This takes advantage of existing PKI, and +leaves users to make sure their keyring is kept updated with signatures, +revocations, changed expiration dates, and transitions. It also avoids having +released prokit versions "expire" due to included keys expiring. + +Suggestions welcome. + Opkg ---- -- cgit v0.9.1
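Review bot: In the `@@ -14,10 +14,9 @@` hunk, the new sentence "If a key is provided, pro-archman will run `gpg` to sign" leaves undefined what happens when a key is configured but no `gpg` executable was found, which the context line after it allows because `gpg` is an optional dependency detected by `configure` at build time. With the separate enable option removed, the key setting is the only signal that signing is wanted, so the text should say that pro-archman stops with an error in that case instead of generating unsigned `Packages` feed index files. It would also help to state how the key is named in the option (fingerprint, key ID or user ID), since that one option now controls signing entirely.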
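Review bot: In the `@@ -52,6 +51,15 @@` hunk, the added paragraph beginning "A user already has to import a key into their own keyring" directly follows the context paragraph that requires prokit to use only keys "signed by a non-revoked previous key", and the text does not say whether the keyring approach replaces that rule or is combined with it. If it replaces it, the page should state how prokit restricts verification to the archive signing key(s), for example by the user ID specified in the profile, so that unrelated keys in the user's keyring are not treated as archive signers, and how the user is expected to authenticate the archive key they download. Consider marking this paragraph and "Suggestions welcome." as an open question so the two designs are not read as both being specified.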