On 02/07/2019 13:06, Michał Górny via Gnupg-users wrote:
> In Gentoo we're using a CA-like model with a central service signing
> UIDs of all developers. It is *convenient* for it to be able to inject
> those signatures into keys of the developers, and distribute them along
> with them.
It is convenient, but if it is convenient for you to attach one signature to the keys of your developers and redistribute, then it is convenient for an arbitrary person to attach a million sigs and gum up the system. I think this is one case where convenience will have to be sacrificed no matter what solution we adopt.

This could be a use case for the "preferred keyserver" extension. If you ran your own keyserver and your developers set it as their preferred keyserver, then they would be publicly stating "Allow Gentoo to attach signatures without my explicit permission, but distrust everyone else". This would only have to be done once in advance, and it could be made part of your new developer onboarding process.

--
Andrew Gallagher
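As an added illustration of the policy Andrew describes (not code from the thread or from any keyserver project): the "preferred keyserver" a key owner publishes is subpacket type 24 in the hashed area of their self-signature (RFC 4880, section 5.2.3.18). The example below parses a hashed subpacket area, extracts that URI, and then applies the rule from the message, merging a third-party certification only when it arrives through the keyserver the owner declared. The subpacket bytes and the `hkps://keys.example.org` URI are constructed for the example; the subpacket length encoding follows RFC 4880 section 5.2.3.1.

```python
"""Added example: read the Preferred Key Server subpacket (RFC 4880 type 24)
from a self-signature's hashed subpacket area and use it as a merge policy
for third-party certifications. Sample data is constructed inline."""
from typing import List, Optional, Tuple

PREFERRED_KEY_SERVER = 24   # RFC 4880 section 5.2.3.18
SIG_CREATION_TIME = 2       # RFC 4880 section 5.2.3.4, used only as filler here


def parse_subpackets(data: bytes) -> List[Tuple[int, bytes]]:
    """Split an RFC 4880 subpacket area into (type, body) pairs.

    Length octets (section 5.2.3.1): one byte if < 192, two bytes for
    192..16319, or 0xFF followed by a four-byte big-endian length.
    """
    out = []
    i = 0
    while i < len(data):
        first = data[i]
        if first < 192:
            length, i = first, i + 1
        elif first < 255:
            length = ((first - 192) << 8) + data[i + 1] + 192
            i += 2
        else:
            length = int.from_bytes(data[i + 1:i + 5], "big")
            i += 5
        # A subpacket always carries at least its type octet; reject
        # truncated or zero-length entries instead of reading past the end.
        if length == 0 or i + length > len(data):
            raise ValueError("malformed subpacket area")
        sp_type = data[i] & 0x7F          # high bit is the 'critical' flag
        out.append((sp_type, data[i + 1:i + length]))
        i += length
    return out


def encode_subpacket(sp_type: int, body: bytes) -> bytes:
    """Build one subpacket with the shortest valid length encoding
    (helper used to construct the sample data below)."""
    n = len(body) + 1                      # length covers the type octet
    if n < 192:
        length = bytes([n])
    elif n < 16320:
        n2 = n - 192
        length = bytes([(n2 >> 8) + 192, n2 & 0xFF])
    else:
        length = b"\xff" + n.to_bytes(4, "big")
    return length + bytes([sp_type]) + body


def preferred_keyserver(hashed_area: bytes) -> Optional[str]:
    """Return the URI from the first type-24 subpacket, or None if absent."""
    for sp_type, body in parse_subpackets(hashed_area):
        if sp_type == PREFERRED_KEY_SERVER:
            return body.decode("utf-8")
    return None


def accept_third_party_certification(hashed_area: bytes, submitted_via: str) -> bool:
    """Policy from the thread: merge a third-party certification only when it
    arrives through the owner's declared preferred keyserver; distrust the rest.
    With no preference published, this example defaults to refusing, since the
    owner has given no one permission to attach signatures."""
    pref = preferred_keyserver(hashed_area)
    if pref is None:
        return False
    return submitted_via.rstrip("/").lower() == pref.rstrip("/").lower()


# Constructed sample: a creation-time subpacket followed by a preferred
# keyserver pointing at a placeholder Gentoo-style server.
SAMPLE_HASHED_AREA = (
    encode_subpacket(SIG_CREATION_TIME, (1562072760).to_bytes(4, "big"))
    + encode_subpacket(PREFERRED_KEY_SERVER, b"hkps://keys.example.org")
)

if __name__ == "__main__":
    print("preferred:", preferred_keyserver(SAMPLE_HASHED_AREA))
    print("from declared server:",
          accept_third_party_certification(SAMPLE_HASHED_AREA, "hkps://keys.example.org/"))
    print("from other server:",
          accept_third_party_certification(SAMPLE_HASHED_AREA, "hkps://keys.openpgp.example"))
```

The comparison is deliberately on the URI the owner published rather than on the certifier's key, because that is what the message proposes: the owner delegates the right to attach signatures to one keyserver operator, and everyone else's submissions are left out of the merged key.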
_______________________________________________
Gnupg-users mailing list
Gnupg-users@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-users