Enabling new signing key

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
m (minor grammar change..oopsy)
(Style editing)
Line 1: Line 1:
 
{{admon/tip | Key fingerprints can be checked against [https://fedoraproject.org/keys https://fedoraproject.org/keys].}}
 
{{admon/tip | Key fingerprints can be checked against [https://fedoraproject.org/keys https://fedoraproject.org/keys].}}
  
The Fedora Project recently re-signed all of its packages [[New_signing_key | with a new key]]. The story regarding the key can be found [https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html here].  Contact the release engineering team via IRC in #fedora-devel (irc.freenode.org) or via email to [mailto:rel-eng@lists.fedoraproject.org rel-eng@lists.fedoraproject.org] for more information.
+
The Fedora Project recently re-signed all of its packages [[New_signing_key | with a new key]]. Background details regarding the key change are found [https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html here].  Contact the release engineering team via IRC in #fedora-devel (irc.freenode.org) or via email to [mailto:rel-eng@lists.fedoraproject.org rel-eng@lists.fedoraproject.org] for more information.
  
The final stages of testing are being done on new builds of the ''fedora-release'', ''PackageKit'', ''gnome-packagekit'' and ''unique'' (new dependency for ''gnome-packagekit'') packages. This means that updates will soon be pushed to their appropriate locations and available for download. Once these initial packages have been installed the next update attempt will point to the new repositories utilizing the new signing key. Users need to accept the new signing key the first time updates are downloaded.  PackageKit prompts you whether or not to import the signing key.  To accept the key, press ''y'' at the prompt.
+
We are in the final stages of testing on new builds of the ''fedora-release'', ''PackageKit'', ''gnome-packagekit'' and ''unique'' (new dependency for ''gnome-packagekit'') packages. After we complete this testing, we will push updates to their appropriate locations and make them available for download. Users who perform a system update will receive these packages.
  
{{admon/note | The new builds of the packages listed above will initially be signed with the old key. Once updated the new key will be imported and the old key will be removed from the system (a new ''rpmdb'' will be installed using the new signing key).}}
+
Once these initial packages are installed, the next update attempt will point to the new repositories utilizing the new signing key. Users must accept the new signing key the first time updates are downloaded.  PackageKit prompts you whether or not to import the signing key.  To accept the key, press ''y'' at the prompt.
  
 
+
{{admon/note | The new builds of the packages listed above are initially signed with the old key.  When they are updated, the new key is imported, the old key is removed from the system, and a new ''rpmdb'' is installed using the new signing key.}}
=====The plan for implementing the new key is still fluid, and therefore may change.  Updates to this page will occur as new information becomes available.=====
+

Revision as of 13:50, 9 September 2008

Idea.png
Key fingerprints can be checked against https://fedoraproject.org/keys.

The Fedora Project recently re-signed all of its packages with a new key. Background details regarding the key change are found here. Contact the release engineering team via IRC in #fedora-devel (irc.freenode.org) or via email to rel-eng@lists.fedoraproject.org for more information.

We are in the final stages of testing on new builds of the fedora-release, PackageKit, gnome-packagekit and unique (new dependency for gnome-packagekit) packages. After we complete this testing, we will push updates to their appropriate locations and make them available for download. Users who perform a system update will receive these packages.

Once these initial packages are installed, the next update attempt will point to the new repositories utilizing the new signing key. Users must accept the new signing key the first time updates are downloaded. PackageKit prompts you whether or not to import the signing key. To accept the key, press y at the prompt.

Note.png
The new builds of the packages listed above are initially signed with the old key. When they are updated, the new key is imported, the old key is removed from the system, and a new rpmdb is installed using the new signing key.