Infrastructure improvement: X.509 certificates

Eric Christensen sparks at
Mon Nov 2 16:35:17 UTC 2015

On Friday, October 30, 2015 08:28:52 PM Florian Weimer wrote:
> I don't know why this problem exists:

I think this issue exists because Fedora actually issues certificates to 
packagers for submitting packages to the system thus a need for a common CA.  
Okay, now that I've written that I really can't say that the argument makes 
complete sense.  I'll follow up with Infra and see what they can tell me WRT 
encrypting all the things in a way that provides verified domain assurance.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <>

More information about the security-team mailing list