From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-dev+bounces-44960-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1Q387a-0001GS-Gw
	for garchives@archives.gentoo.org; Fri, 25 Mar 2011 14:36:14 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id A0B8A1C077;
	Fri, 25 Mar 2011 14:35:20 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id B6FF91C06C
	for <gentoo-dev@lists.gentoo.org>; Fri, 25 Mar 2011 14:33:51 +0000 (UTC)
Received: from pomiocik.lan (87-205-64-126.adsl.inetia.pl [87.205.64.126])
	(using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: mgorny)
	by smtp.gentoo.org (Postfix) with ESMTPSA id E470D1B400F;
	Fri, 25 Mar 2011 14:33:44 +0000 (UTC)
Date: Fri, 25 Mar 2011 15:33:38 +0100
From: =?UTF-8?B?TWljaGHFgiBHw7Nybnk=?= <mgorny@gentoo.org>
To: gentoo-dev@lists.gentoo.org
Cc: ml-en@veller.net
Subject: Re: [gentoo-dev] Re: rejecting unsigned commits
Message-ID: <20110325153338.0f8f450b@pomiocik.lan>
In-Reply-To: <20110325074824.TAf2c206.tv@veller.net>
References: <AANLkTi=4o69ytUxAVpy-O31AWQv-5p4bEWD2466NWYGx@mail.gmail.com>
	<20110325005026.55598579@epia.jer-c2.orkz.net>
	<20110325000931.GA21942@lemongrass.antoszka.pl>
	<AANLkTikHtND=ttd8afj2yBW3pbkqVcfhwnMXiHsFPvBV@mail.gmail.com>
	<20110325074824.TAf2c206.tv@veller.net>
Organization: Gentoo
X-Mailer: Claws Mail 3.7.8 (GTK+ 2.24.3; x86_64-pc-linux-gnu)
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=PGP-SHA1;
 boundary="Sig_/mfabpmT5EpZYMTzwQ56+4Qm"; protocol="application/pgp-signature"
X-Archives-Salt: 
X-Archives-Hash: 616cbaadfb9682203d3831cac25dd196

--Sig_/mfabpmT5EpZYMTzwQ56+4Qm
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On Fri, 25 Mar 2011 08:15:32 +0100
Torsten Veller <ml-en@veller.net> wrote:

> Do you want to reject signed commits if
> - keys are not publicly available [1]

We'll need to define what does 'public availability' exactly mean? Does
that mean a specific keyserver?

> - keys are revoked [3]

How about manifests signed before the key was revoked?

--=20
Best regards,
Micha=C5=82 G=C3=B3rny

--Sig_/mfabpmT5EpZYMTzwQ56+4Qm
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)

iEYEARECAAYFAk2Mp8cACgkQnGSe5QXeB7uTJgCg47F9368FAzAWUgR05SosNThK
37gAn2mAVAza5E/thSKDWryp0Co1ke2I
=DGfF
-----END PGP SIGNATURE-----

--Sig_/mfabpmT5EpZYMTzwQ56+4Qm--