From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org)
	by finch.gentoo.org with esmtp (Exim 4.60)
	(envelope-from <gentoo-dev+bounces-44969-garchives=archives.gentoo.org@lists.gentoo.org>)
	id 1Q38bc-0005IU-MH
	for garchives@archives.gentoo.org; Fri, 25 Mar 2011 15:07:16 +0000
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id ACF2F1C16D;
	Fri, 25 Mar 2011 15:07:03 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	by pigeon.gentoo.org (Postfix) with ESMTP id 63F031C07D
	for <gentoo-dev@lists.gentoo.org>; Fri, 25 Mar 2011 15:06:37 +0000 (UTC)
Received: from [66.170.231.116] (unknown [66.170.231.116])
	(using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
	(No client certificate requested)
	(Authenticated sender: c1pher)
	by smtp.gentoo.org (Postfix) with ESMTPSA id B5A7B1B400F
	for <gentoo-dev@lists.gentoo.org>; Fri, 25 Mar 2011 15:06:36 +0000 (UTC)
Message-ID: <4D8CAEF1.1070805@gentoo.org>
Date: Fri, 25 Mar 2011 11:04:17 -0400
From: Dane Smith <c1pher@gentoo.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.15) Gecko/20110321 Thunderbird/3.1.9
Precedence: bulk
List-Post: <mailto:gentoo-dev@lists.gentoo.org>
List-Help: <mailto:gentoo-dev+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-dev+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-dev+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-dev.gentoo.org>
X-BeenThere: gentoo-dev@lists.gentoo.org
Reply-to: gentoo-dev@lists.gentoo.org
MIME-Version: 1.0
To: gentoo-dev@lists.gentoo.org
Subject: Re: [gentoo-dev] rejecting unsigned commits
References: <AANLkTi=4o69ytUxAVpy-O31AWQv-5p4bEWD2466NWYGx@mail.gmail.com>	<4D8C82B9.5070309@gentoo.org>	<4D8C83B5.5040600@gentoo.org> <20110325154348.02faafe5@pomiocik.lan> <4D8CAEFC.2000502@gentoo.org>
In-Reply-To: <4D8CAEFC.2000502@gentoo.org>
X-Enigmail-Version: 1.1.2
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Archives-Salt: 
X-Archives-Hash: 1dc60bc6010ee473cc4da0318b2012ec

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/25/2011 11:04 AM, "Pawe=C5=82 Hajdan, Jr." wrote:
> On 3/25/11 3:43 PM, Micha=C5=82 G=C3=B3rny wrote:
>> How about Gentoo Foundation funding devs a full blown X509 client
>> certs?
>=20
> Let's get signing and verifying working first, and then consider
> anything that requires funding.
>=20

+1

We do not need to get paid for X509 certs. We control portage. We
control the manifests. We do not need some third party CA to control the
certs used for signing. We have the infrastructure to do it ourselves.
For free. With us in control of the revocation etc.

- --=20
Dane Smith (c1pher)
Gentoo Linux Developer -- QA / Crypto / Sunrise / x86
RSA Key: http://pgp.mit.edu:11371/pks/lookup?search=3D0x0C2E1531&op=3Dind=
ex
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.17 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJNjK7xAAoJEEsurZwMLhUxfCMP+gNozbZ7aVFl3xejgDOoAych
ttvHp0bDHhIzBd+hO+GvQm6RSm/keHaBi3hX6Sv0IoxK3VARK4xZ7QHrgk2xEr1V
4+vIv44NBpEKbmF5ilm/hWReq1CXpRnef5aL+mdlfGY3FvCVrJjeaMEu15I/TwkJ
wD0fqYSZxZsHLoH0UCnCEew5MJlL8oT21vOVwXbSdZJ2YlpHoAjgR6AOmOTPl+pJ
2ZHnQ7H+tuQr8PxH50rEba6MyrEG0Djgg8NI+w0dNgZcrWm2ODA6o6pdmh+yXlS4
PzvSbwDXe4K6E5i3LHjVAd4OFWS2SY6mLNrBHYR0cI0D0ZtMY3Tab3MksIvuPFaY
X8WwZq5+oEXZgr2poeaKHl9FIoPTqa7eFQkQA3oOPGVb2T3vwpY4JinPvj4Eb5VN
Yd/GnJonbuWtUx6+98b0rBmjhu51vjh7T7BTThKJbuBIJ5KH9NynOAHWpTk6ZyBf
IIMoiEbL/zIr6ZJlIlBP5RlMOHrE2rP+e6D4mzmDOvVT4lIRhr25eCsh3k+K6lJ3
bbuYCCEaowmyMe/oEwrDPzuAdG+N3v4qjB7IvGebSKfv8PSqIBxOOiejAkeFKHFP
Z+2xE65eaAHrr3F2sp+FwhWF9SQy4AAP+wjt1NLrdJGAHasvpn3Dp8rQ9eJq0XFJ
HaUJZLyeEjWwe8md+jF4
=3D0aS+
-----END PGP SIGNATURE-----