On Thu, 25 Feb 2016, Dennis Gilmore wrote:
No one has access to the private key. It lives on a server that has no
services running that listen for connections. There is a service that runs
on
it that talks to the signing bridge. That brokers all requests. Users with
access do not know the password to unlock the key. The signing server
manages
access. There is exactly two copies of the private key, one embeded in
encrypted storage on the signing server and a backup of the encrypted
storage
on the backup server. It has been designed to allow the granting and
revocation of access without the need for having a copy of the private key.
https://fedorahosted.org/sigul/ is the software we use
Dennis
Thank you for providing this valuable information about the handling
of the private key that enables Fedora ISO signing. This information
should be shared and highlighted as it is helping to create trust in
the use of this key.
As a personal request, would you be so kind as to confirm the fingerprint
here (and maybe somewhere else), please. Thank you very much.
Ralf
--
devel mailing list
devel@lists.fedoraproject.org
http://lists.fedoraproject.org/admin/lists/devel@lists.fedoraproject.org
