From Fedora Project Wiki

m (fingerprint check link)
mNo edit summary
Line 5: Line 5:
= Enabling the New Signing Key =
= Enabling the New Signing Key =


{{admon/tip | Users will need to accept the new signing key the first time updates are downloaded. To accept the key, press 'y' when prompted whether or not to import the signing key by PackageKit. Key fingerprints can be checked against [[https://admin.fedoraproject.org/fingerprints]].}}
{{admon/tip | Users will need to accept the new signing key the first time updates are downloaded. To accept the key, press 'y' when prompted whether or not to import the signing key by PackageKit. Key fingerprints can be checked against [https://admin.fedoraproject.org/fingerprints https://admin.fedoraproject.org/fingerprints].}}


{{admon/note | After the new packages have been released for a period of time (not yet determined) there will be a new .rpm build that will forcibly remove the old key from the system rpmdb. This will ensure that the old key is not trusted/used by the system.}}
{{admon/note | After the new packages have been released for a period of time (not yet determined) there will be a new .rpm build that will forcibly remove the old key from the system rpmdb. This will ensure that the old key is not trusted/used by the system.}}


The plan for implementing the new key is very fluid, therefore changes can be expected. This page will be updated as new information is obtained.
The plan for implementing the new key is very fluid, therefore changes can be expected. This page will be updated as new information is obtained.

Revision as of 18:47, 5 September 2008

The New Fedora Signing Key

The Fedora Project recently re-signed all of its packages with a new key. The story regarding the key can be found here. Contact the release engineering team via IRC in #fedora-devel (irc.freenode.org) or via email to rel-eng@fedoraproject.org for more information.

Enabling the New Signing Key

Idea.png
Users will need to accept the new signing key the first time updates are downloaded. To accept the key, press 'y' when prompted whether or not to import the signing key by PackageKit. Key fingerprints can be checked against https://admin.fedoraproject.org/fingerprints.
Note.png
After the new packages have been released for a period of time (not yet determined) there will be a new .rpm build that will forcibly remove the old key from the system rpmdb. This will ensure that the old key is not trusted/used by the system.

The plan for implementing the new key is very fluid, therefore changes can be expected. This page will be updated as new information is obtained.