Enabling new signing key

From FedoraProject

(Difference between revisions)
Jump to: navigation, search
(Update the URL of the key verification page)
m (some updates)
Line 1: Line 1:
 +
{{admon/tip | Key fingerprints can be checked against [https://fedoraproject.org/keys https://fedoraproject.org/keys].}}
 +
 
The Fedora Project recently re-signed all of its packages [[New_signing_key | with a new key]]. The story regarding the key can be found [https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html here].  Contact the release engineering team via IRC in #fedora-devel (irc.freenode.org) or via email to [mailto:rel-eng@lists.fedoraproject.org rel-eng@lists.fedoraproject.org] for more information.
 
The Fedora Project recently re-signed all of its packages [[New_signing_key | with a new key]]. The story regarding the key can be found [https://www.redhat.com/archives/fedora-announce-list/2008-August/msg00012.html here].  Contact the release engineering team via IRC in #fedora-devel (irc.freenode.org) or via email to [mailto:rel-eng@lists.fedoraproject.org rel-eng@lists.fedoraproject.org] for more information.
  
Users need to accept the new signing key the first time updates are downloaded.  PackageKit prompts you whether or not to import the signing key.  To accept the key, press ''y'' at the prompt.
+
The final stages of testing are being done on new builds of the ''fedora-release'', ''PackageKit'', ''gnome-packagekit'' and ''unique'' (new dependency for ''gnome-packagekit'') packages. This means that updates will soon be pushed to their appropriate locations and available for download. Once these initial packages have been installed onto user computers the next update attempt will point to the new repositories utilizing the new signing key. Users need to accept the new signing key the first time updates are downloaded.  PackageKit prompts you whether or not to import the signing key.  To accept the key, press ''y'' at the prompt.
  
After the new packages have been released for a period of time (not yet determined), the Fedora Project will release a new package to forcibly remove the old key from the system's package database (or ''rpmdb'').  This method ensures the old key is no longer trusted/used by the system.
+
{{admon/note | The new builds of the packages listed above will initially be signed with the old key. Once updated the new key will be imported and the old key will be removed from the system (a new ''rpmdb'' will be installed using the new signing key).}}
  
{{admon/tip | Key fingerprints can be checked against [https://fedoraproject.org/keys https://fedoraproject.org/keys].}}
 
  
The plan for implementing the new key is still fluid, and therefore may change.  Updates to this page will occur as new information becomes available.
+
=====The plan for implementing the new key is still fluid, and therefore may change.  Updates to this page will occur as new information becomes available.=====

Revision as of 13:42, 9 September 2008

Idea.png
Key fingerprints can be checked against https://fedoraproject.org/keys.

The Fedora Project recently re-signed all of its packages with a new key. The story regarding the key can be found here. Contact the release engineering team via IRC in #fedora-devel (irc.freenode.org) or via email to rel-eng@lists.fedoraproject.org for more information.

The final stages of testing are being done on new builds of the fedora-release, PackageKit, gnome-packagekit and unique (new dependency for gnome-packagekit) packages. This means that updates will soon be pushed to their appropriate locations and available for download. Once these initial packages have been installed onto user computers the next update attempt will point to the new repositories utilizing the new signing key. Users need to accept the new signing key the first time updates are downloaded. PackageKit prompts you whether or not to import the signing key. To accept the key, press y at the prompt.

Note.png
The new builds of the packages listed above will initially be signed with the old key. Once updated the new key will be imported and the old key will be removed from the system (a new rpmdb will be installed using the new signing key).


The plan for implementing the new key is still fluid, and therefore may change. Updates to this page will occur as new information becomes available.