half baked idea for further baking: "fedora-ugly" repo
mattdm at fedoraproject.org
Thu Feb 13 19:35:33 UTC 2014
On Thu, Feb 13, 2014 at 08:23:51PM +0100, Miroslav Suchy wrote:
> > It's not trivial, but it doesn't require either of those things. I think a
> > signing server with less security than Sigul would be adequate, or else a
> > Sigul instance with more relaxed policies.
> Rather no signing at all than less secure signing.
Let me elaborate, then. The current signing setup requires human
intervention, but we are using it in a way that provides no actual benefit
from a human being in the chain, and in fact introduces the possibility of
human error. So by less secure, I don't necessarily mean "less actual
security", but "less potential security, which is wasted anyway".
Matthew Miller -- Fedora Project -- <mattdm at fedoraproject.org>