Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upMulti-signature scheme for reproducible builds #2535
Comments
andrewdavidwong
added
C: other
crypto
enhancement
labels
Dec 24, 2016
andrewdavidwong
added this to the Release 4.1 milestone
Dec 24, 2016
This was referenced Dec 24, 2016
andrewdavidwong
referenced this issue
May 20, 2017
Open
Consider generating new shared Qubes Master Signing Key #2818
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
andrewdavidwong commentedDec 24, 2016
•
edited
Edited 1 time
-
andrewdavidwong
edited Dec 24, 2016 (most recent)
Once reproducible builds (#816) are implemented, the next step is to convert from relying on a single Qubes Master Signing Key to a multi-signature (M out of N signatures) scheme for ISOs (and possibly also RPMs). One of these signatures can (and arguably should) still be a release key certified by the Qubes Master Signing Key.
Ref: #2459