Dev/apt-revoker

From Whonix
< Dev
Jump to navigation Jump to search


Materials[edit]

UNFINISHED (barely started)

Materials - pieces of information and links that should be included in the draft.

keyserver discussion[edit]

reread this whole thread https://lists.nongnu.org/archive/html/sks-devel/2013-12/threads.html#00073archive.org

find and reread this discussion[edit]

https://lists.nongnu.org/archive/html/sks-devel/2013-12/msg00075.htmlarchive.org

>> Good question. Probably, but some keyserver operators might view >> it as rude. Best to ask on address@hidden

> Will do.

separate DNS[edit]

aptrevoker.debian.org so this can be turned off / redirected in case keyservers cannot handle the load

/etc/apt-revoker.d[edit]

The code for downloading the revocation certificates should be configurable.

Download the signing key revocation certificates from:

  • version 1 - download from clearnet keyservers
  • version 2 - optionally download from onion keyservers
  • version 3 - optionally download from freenet / or something that implements a permanent takedown attack defense

Proposal[edit]

TODO:

  • Take any of the above bullet points one by one and convert those into a good wording that can be posted on the debian-devel mailing list.

Related[edit]