On Thu, 2008-08-28 at 15:05 +0100, Richard Hughes wrote:
On Wed, 2008-08-27 at 20:22 -0400, Brian Pepple wrote:
> === Signing and Pushing New Keys ===
> * Long discussion on how to handle the package key migration for users.
> FESCo ended up approving Warren's proposal, which can be found here:
>
http://lists.fedoraproject.org/pipermail/rel-eng/2008-August/001622.html
> * NOTE: Once this is implemented we can start issuing updates again,
> which I think is what most people are interested in hearing about.
Might have been nice for someone to ping me if you guys were talking
about PackageKit.
I guess? At this point it's all a solved problem - the key import
mechanism in *current* PK is fine. It's just the version from original
F9 that was problematic.
> > <wwoods> f13: yeah, it's weaksauce, but you
remember the failure
> > condition for PK was *SO BAD* that we added last-minute horrible
> > hacks to anaconda over jeremy's (valid) objections
I guess by hacks you meant that I wanted anaconda to auto-import the
fedora signing key at install time.
That's what I was referring to, yes. I agree with the principle of
importing the signing keys at install-time. I just wish we could have
had time to discuss it and choose a solution (and implementation)
agreeable to all.
So: I used the phrase "horrible hacks" because we had scant *hours* to
find and implement the simplest possible workaround, rather than
actually discussing the problem and fixing as we normally do.
-w