[csw-maintainers] [policy] GPG Signing Key handling

Philip Brown phil at bolthole.com
Thu Feb 10 06:15:57 CET 2011


On Wed, Feb 9, 2011 at 12:38 AM, Peter FELECAN <pfelecan at opencsw.org> wrote:
>...
> The GPG signing key is the asset of the OpenCSW foundation.
> The representatives of the foundation are the 3 board main members.
> Consequently it should be held by them.
>
> I think that today we have the following situation: the previous
> president of the foundation and a non member of the foundation hold the
> GPG signing key.

I dont see how the current holder being "the previous president" has
any relevance. Are you somehow suggesting that if I were not the prior
president, that you would have no objections? Doesnt seem to make much
sense to me.


> Are you saying that This is unacceptable. I cannot resist the caricature of
> this: as if George W. Bush and Kim Jong Il holds exclusively the nuclear
> codes of the United States.

and this is just gratuitously insulting.
Ignoring the insulting one, and looking at the partially relevant bit
objectively:
The "nuclear codes" are meant to be held by "the president", because
he has a functional role in deciding when and if to use it.
Once he is no longer president, he no longer has that role, so no
longer has access to those keys.

In contrast, I hold the gpg signing key not because I was board
president, but because I am the current release manager. Since I
continue to be, for now, the current release manager, it makes sense
for me to hold the keys, because I have a functional need to do so.
If at some time in the future, there is a new release manager, I will
turn over the key to them without complaint.

As far as ALL 3 board members having the signing key, I dont think
this is a good idea, for the following reason:
You cant just "take back" a gpg signing key from someone at the end of
their term, without revoking it for *everyone*.
Revoking the key every year, would be a hardship and an irritation to our users.

Because of this, I think it is best *for our users*, if it passes
through as few hands as possible.
I think the majority of members consider James to be a trustworthy
person, as I hope they also do myself.
While James has not requested to become "a member of the
organization", he is still a maintainer in good standing.
Not being a member, merely means he does not get a "vote" in things. I
do not see how that makes him any less trustworthy, however.

As such, I hope that the current level of redundancy for our signing
keys will be deemed as adequate for our members.

PS: to answer Ben's question: no I do not take object to having this
issue decided by the full membership


More information about the maintainers mailing list