X-Git-Url: https://git.decadent.org.uk/gitweb/?a=blobdiff_plain;ds=inline;f=web%2Fkeys.html;h=78e35474bae44e73e1c2a7569a7fc56cb0f0477e;hb=c76212aee333a22e3dcf62d787edd29e73ba0b68;hp=7fd38e85af70d2c7efde2d6e87372f9f716ab424;hpb=74b682ca6e9037fd5fcef014314a66eea4e7547f;p=dak.git diff --git a/web/keys.html b/web/keys.html index 7fd38e85..78e35474 100644 --- a/web/keys.html +++ b/web/keys.html @@ -115,16 +115,67 @@
A revokation certificate for the archive key is produced at the time of the creation - of an archive key. The program ssss (a Shamir's secret sharing scheme implementation) - is then used to produce 20 shares of which 10 are needed to recover the revokation cert. + of an archive key. The program gfshare (package + libgfshare-bin) + (a Shamir's secret sharing scheme implementation) is then used to produce 12 shares of + which 7 are needed to recover the revokation cert. This procedure is for use in emergencies only (such as losing ftp-master.debian.org and all of the backups, a hopefully unlikely event) as the key can normally be used to produce its own revokation certificate.
After the creation of the archive key, the secret part of it will be backed up in one additional + way. The program gfshare (package + libgfshare-bin) + (a Shamir's secret sharing scheme implementation) is used to produce 14 shares of which 9 are needed + to recover the secret key.
The following people each hold one of the shares of the revocation certificate / private key.
+7 of those shares are needed to reproduce the revocation certificate
+Debian uid | Name |
---|---|
sho | Samuel Hocevar |
don | Don Armstrong |
neilm | Neil McGovern |
djpig | Frank Lichtenheld |
jimmy | Jimmy Kaplowitz |
killer | Kalle Kivimaa |
noodles | Jonathan McDowell |
rra | Russ Allbery |
marga | Margarita Manterola |
thijs | Thijs Kinkhorst |
meike | Meike Reichle |
miriam | Miriam Ruiz |
9 of those shares are needed to reproduce the secret key
+Debian uid | Name |
---|---|
luk | Luk Claes |
maxx | Martin Wuertele |
adeodato | Adeodato Simó |
myon | Christoph Berg |
93sam | Steve McIntyre |
bdale | Bdale Garbee |
sgran | Stephen Gran |
dannf | Dann Frazier |
weasel | Peter Palfrader |
enrico | Enrico Zini |
wouter | Wouter Verhelst |
mhy | Mark Hymers |
bzed | Bernd Zeimetz |
stew | Mike O'Connor |