/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Multi-signature scheme for reproducible builds #2535

Open
andrewdavidwong opened this Issue Dec 24, 2016 · 0 comments

Comments

Assignees
No one assigned
Labels
Projects
None yet
Milestone
  Release 4.1
1 participant
@andrewdavidwong
@andrewdavidwong
Member

andrewdavidwong commented Dec 24, 2016
edited
Edited 1 time
  • @andrewdavidwong andrewdavidwong edited Dec 24, 2016 (most recent)

Once reproducible builds (#816) are implemented, the next step is to convert from relying on a single Qubes Master Signing Key to a multi-signature (M out of N signatures) scheme for ISOs (and possibly also RPMs). One of these signatures can (and arguably should) still be a release key certified by the Qubes Master Signing Key.

Ref: #2459

@andrewdavidwong andrewdavidwong added C: other crypto enhancement labels Dec 24, 2016

@andrewdavidwong andrewdavidwong added this to the Release 4.1 milestone Dec 24, 2016

This was referenced Dec 24, 2016

Open
Closed

@andrewdavidwong andrewdavidwong referenced this issue May 20, 2017

Open

Consider generating new shared Qubes Master Signing Key #2818

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment