id,summary,reporter,owner,description,type,status,priority,milestone,component,resolution,keywords,cc 221,Put the apt repo signing key somewhere reasonable,adehnert,,"At the moment, achernya has the apt repo signing key on his laptop. We should put it somewhere more useful. See discussion 2011-09-09 on -c scripts -i apt. 1. Stick it in the locker a. Unencrypted (protected by AFS ACLs to scripts-root) b. Encrypted to maintainer's keys 2. Stick it on the hosts 3. Stick it on the Fedora guests 4. Stick it on some build VM or server a. scripts-owned hardware in SMR b. Shared (eg, zulu/magrathea) 5. Something else 6. Have each maintainer store it themselves (3) is a bit silly. Other than that, I think they were all vaguely acceptable. One concern is whether a signed repo with a leaked key is worse than an unsigned repo (if it isn't, then being insecure is vaguely okay). (4) should ideally avoid having a single un-backed-up VM that needs to not vanish, by storing the key elsewhere.",task,closed,major,,internals,fixed,,