#6267: sign ostree commits
Fedora Release Engineering
rel-eng at lists.fedoraproject.org
Wed Sep 30 15:04:52 UTC 2015
#6267: sign ostree commits
------------------------------+-----------------------
Reporter: walters | Owner: rel-eng@…
Type: task | Status: new
Milestone: Fedora 23 Final | Component: koji
Resolution: | Keywords:
Blocked By: | Blocking:
------------------------------+-----------------------
Comment (by ausil):
Replying to [comment:2 walters]:
> Metalink and TLS is good, but it's not a direct replacement for GPG.
For example:
> - GPG is inherently "pinned", whereas the TLS default allows all ca-
certs which allows a *lot* of organizations to MITM
> - GPG is much easier to verify "offline"
>
> As far as the manual step - I'd be fine with an automated process.
I guess I was not clear, we have no way to do any signing automatically.
The way the signing server works it is entirely manual
--
Ticket URL: <https://fedorahosted.org/rel-eng/ticket/6267#comment:3>
Fedora Release Engineering <http://fedorahosted.org/rel-eng>
Release Engineering for the Fedora Project
More information about the rel-eng
mailing list