Bug #10651: Investigate if we could have our signing key certified by other well-known role keys

Bug #10651

Investigate if we could have our signing key certified by other well-known role keys

Added by sajolida 2015-11-24 03:03:55 . Updated 2017-01-16 19:41:52 .

Status:

Rejected

Priority:

Normal

Assignee:

Category:

Target version:

Start date:

2015-11-24

Due date:

% Done:

Feature Branch:

Type of work:

End-user documentation

Blueprint:

Starter:

Affected tool:

Deliverable for:

Description

In the process of documenting expert instructions to verify our signing key we are currently relying on Stefano Zacchiroli as he is in the Debian keyring. But it can feel weird to ask people to transitively trust an individual they doesn’t know. Even if cryptographically speaking it doesn’t make much different, from a user point of view it might be better to use a role key instead, maybe a Debian role key if that’s possible…

Having our key signed by other role keys such as Riseup collective, even if they are not in the Debian keyring, would be nice too and could be complementary.

Subtasks

History

#1 Updated by sajolida 2017-01-16 19:41:52

Status changed from Confirmed to Rejected
Assignee deleted (~~sajolida~~)

Giving up on this idea for the time being. This would be of interest to too few people.

Tails

Bug #10651

Investigate if we could have our signing key certified by other well-known role keys

History

#1 Updated by sajolida 2017-01-16 19:41:52