On Wed, 4 Sept 2024 at 20:09, Jeremy Bícha <jeremy.bi...@canonical.com> wrote: > > On Wed, Sep 4, 2024 at 8:48 AM Andreas Hasenack <andr...@canonical.com> wrote: > > I think one cost that may be missing from this analysis is the burden of > > responsibility in the case of revoked keys. Should a key be revoked in, > > say, Fedora, Fedora users can obviously expect an expedited update to the > > keyring. But will the Fedora maintainers (again, just an example, pick > > $distro) remember to also propagate this update to every other non-fedora > > distro? > > I'm restating what I think is one point that Robie and Andreas are > making. > > Is there a person or a team who is willing to commit to > maintain each of these packages through Ubuntu's SRU or Security > Update procedures for the life of Ubuntu releases? If not, it might be > better if these packages were excluded from Ubuntu's stable releases.
Sorry, I thought the question was about upstream. I am willing to maintain these packages for Ubuntu releases. I will already do it in Debian. -- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
