I don't have anything further to add to this sub-thread. I think I've made valid points about what our requirements should be to ensure that changes to key material are done in a way that our users can trust, why not doing so would reduce user security compared to what happens in Debian, and justified my position. I've also made some suggestions on how I think this can be implemented without too much pain.
If you don't want to do those things, then my opinion is that these changes are not suitable for SRU in Ubuntu.
signature.asc
Description: PGP signature
-- ubuntu-devel mailing list ubuntu-devel@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
