[CentOS-devel] [DISCUSS] Atomic-specific key for signing

Tue Sep 30 14:24:52 UTC 2014
Joe Brockmeier <jzb at redhat.com>

Hi all,

During last week's meeting I agreed to bring this up (sorry for the delay).

KB asked "do we care and how much, if at all, that the key used to sign
the content is the real distro key?" (Because at the outset, it's going
to be more difficult to use the distro key for Atomic host.)

IMO, we don't so long as we have a SIG key that is publicized. I don't
see any reason it has to be the main CentOS / distro key.

Any objections/thoughts/comments?

Thanks,

jzb
-- 
Joe Brockmeier | Principal Cloud & Storage Analyst
jzb at redhat.com | http://community.redhat.com/
Twitter: @jzb  | http://dissociatedpress.net/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.centos.org/pipermail/centos-devel/attachments/20140930/af9ec5c6/attachment-0007.sig>