This repository was archived by the owner on Nov 12, 2022. It is now read-only.
Add mirror of commonly used pgp keys for convenience #621
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Author
|
Since commits to this repo are not signed and it is less monitored than the main repo, an attacker would have an easier job to compromise it. They consequently compromise all users that only rely on the signatures and don't Gitian-build for themselves or take part in the web of trust. Closing. |
laanwj
added a commit
to bitcoin/bitcoin
that referenced
this pull request
Feb 6, 2018
…prints fabb72b contrib: Remove xpired 522739F6 key (MarcoFalke) faeab66 contrib: Replace developer keys with list of pgp fingerprints (MarcoFalke) Pull request description: Having to host a copy of the keys in this repo was a common source of discussion and distraction, caused by problems such as: * Outdated keys. Unclear whether and when to replace by fresh copies. * Unclear when to add a key of a new developer or Gitian builder. The problems are solved by * Having no keys but only the fingerprints * Adding a rule of thumb, when to add a new key <strike>Moving the keys to a different repo solves none of these issues, but since the keys are not bound to releases or git branches of Bitcoin Core, they should live somewhere else. Obviously, all keys are hosted and distributed on key servers, but were added to the repo solely for convenience and redundancy. Moving the mirror of those keys to a different repo makes it less distracting to update them -- let's say -- prior to every major release. I updated our `doc/release-process.md` to reflect the new location. DEPENDS_ON bitcoin-core/gitian.sigs#621 </strike> Tree-SHA512: c00795a07603190e26dc4526f6ce11e492fb048dc7ef54b38f859b77dcde25f58ec4449f5cf3f85a5e9c2dd2743bde53f7ff03c8eccf0d75d51784a6b164e47d
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.