From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1Q3Bm1-0007pd-Fh for garchives@archives.gentoo.org; Fri, 25 Mar 2011 18:30:13 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id DBED81C07B; Fri, 25 Mar 2011 18:30:04 +0000 (UTC) Received: from mail-iw0-f181.google.com (mail-iw0-f181.google.com [209.85.214.181]) by pigeon.gentoo.org (Postfix) with ESMTP id ACFCB1C076 for ; Fri, 25 Mar 2011 18:29:35 +0000 (UTC) Received: by iwn2 with SMTP id 2so1675579iwn.40 for ; Fri, 25 Mar 2011 11:29:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:in-reply-to:references:from :date:x-google-sender-auth:message-id:subject:to:content-type :content-transfer-encoding; bh=/zRXu8qmKHriPfMZ4sh8eZ+I4CukGqqOpXJ2eE+2QSg=; b=gVhX/UhNRDhYk54zPJ+kx1AdEPgpYMFI5p0dYiZBiIcW2W3u2u0PzvnWzXYwLO/Bdj w5dDdTTqMULmjBHJLuEbeV/F2BmAC3qsErKO3sH7fffh2hUNQDuLaUTaDwmWAVJOKr+l 9v3lOYfZn7Hn4mJRFaFZfi/xKQ0oF+x7HFDeM= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:content-type :content-transfer-encoding; b=UMxWojo/3voFFNA4uhupXw72kEdTiruZIxhgHJmK5+FzfUJ9cqc+WRlivMUX97+Pyh nGFMoXYIah/MphrOLpkStt2sfMTJQowuYIm0v5Jag5U2DgpQmzEu7pwLi+bsFw0YOAzu W62q+xkD8oGQU9Au0RmD8XCOcj/vPcJoHDM68= Received: by 10.231.67.213 with SMTP id s21mr1099284ibi.22.1301077775113; Fri, 25 Mar 2011 11:29:35 -0700 (PDT) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org MIME-Version: 1.0 Sender: vapierfilter@gmail.com Received: by 10.231.11.195 with HTTP; Fri, 25 Mar 2011 11:29:15 -0700 (PDT) In-Reply-To: <20110325153338.0f8f450b@pomiocik.lan> References: <20110325005026.55598579@epia.jer-c2.orkz.net> <20110325000931.GA21942@lemongrass.antoszka.pl> <20110325074824.TAf2c206.tv@veller.net> <20110325153338.0f8f450b@pomiocik.lan> From: Mike Frysinger Date: Fri, 25 Mar 2011 14:29:15 -0400 X-Google-Sender-Auth: mh97XUwFOo1EppnJm1taLVZPWbw Message-ID: Subject: Re: [gentoo-dev] Re: rejecting unsigned commits To: gentoo-dev@lists.gentoo.org Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Archives-Salt: X-Archives-Hash: aedc481e78dee0438f86671ae0e7ab59 On Fri, Mar 25, 2011 at 10:33 AM, Micha=C5=82 G=C3=B3rny wrote: > On Fri, 25 Mar 2011 08:15:32 +0100 Torsten Veller wrote: >> - keys are revoked [3] > > How about manifests signed before the key was revoked? you cant do this at commit time (computers cant predict the future), so it has no bearing on the original idea people who need to revoke their key are responsible for either notifying the Gentoo community of the issue and verifying that all the commits in the tree before their revocation were actually made by them -mike