| |
|
 |
|
 |
|
|
|
| |
|
|
xen-devel
Re: [Xen-devel] request to sign software
Keir Fraser writes ("Re: [Xen-devel] request to sign software"):
> I chatted with Ian Jackson about this, and our thought was to generate a
> xen.org master key which we would keep safe in Cambridge: only he and I
> would have copies of it (the two of us, for redundancy). We can also
> generate a software-signing key, signed by the master key, which we actually
> use for the business of signing releases from the xen-*.hg and
> qemu-xen-*.git repositories.
Right. I think the best plan is to have a master key we use for
certifying other keys, including probably a single key for each
relevant tree.
So we'll have a key for xen-*.hg which we'll use with the hg repo
signing support to sign 4.0.0, a key for qemu-xen-*.git likewise, and
probably at least one more key for signing tarball releases.
I trust Jeremy can generate his own special key for generating a
signed tag for a suitable pvops version. Jeremy ?
The public half of the master key at least (and perhaps some of the
others) will be on the website and I'll cross-certify it with my own
personal PGP keys.
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
|
| <Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [Xen-devel] request to sign software,
Ian Jackson <=
|
|
|
| |
|
Home