Skip to content

Bins Role uses offline keys #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
mnm678 wants to merge 6 commits into from
Closed

Bins Role uses offline keys #1

mnm678 wants to merge 6 commits into from

Conversation

@mnm678
Copy link
Collaborator

@mnm678 mnm678 commented Oct 4, 2019

Update the image and description so that the bins role uses offline keys

lukpueh
lukpueh requested changes Oct 7, 2019
View reviewed changes
Copy link
Member

@lukpueh lukpueh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The patch itself looks good to me, but there are other places in the document that need to be adopted. Here is one paragraph that's now obsolete:

Each of the "bin" roles SHOULD share the same key as the bins role, due to space efficiency,
and because there is no security advantage to requiring separate keys.

I suggest to grep for all occurrences of "bin" in the text to check for consistency.

@mnm678
Copy link
Collaborator Author

mnm678 commented Oct 8, 2019

@lukpueh I fixed a couple more references to the online bins key. I decided to not change the references that are fixed in #4 to prevent a conflict.

@JustinCappos
Copy link

JustinCappos commented Oct 9, 2019

@lukpueh, when you get a chance, can you re-review and merge if ready?

trishankatdatadog
trishankatdatadog suggested changes Oct 9, 2019
View reviewed changes
pep-0458.txt Outdated

This PEP proposes that the *bins* role (and its delegated roles) sign for all
PyPI projects with an online key. The *targets* role, which only signs with an
This PEP proposes that the *bins* role's delegated roles sign for all
Copy link

@trishankatdatadog trishankatdatadog Oct 9, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
This PEP proposes that the *bins* role's delegated roles sign for all
This PEP proposes that the *bin-n* roles roles sign for all

mnm678 and others added 3 commits October 9, 2019 17:08
@mnm678 @trishankatdatadog
Update pep-0458.txt
edae028 
Co-Authored-By: Trishank K Kuppusamy <33133073+trishankatdatadog@users.noreply.github.com>
@mnm678 @trishankatdatadog
Apply suggestions from code review
f576634 
Co-Authored-By: Trishank K Kuppusamy <33133073+trishankatdatadog@users.noreply.github.com>
@mnm678
refer to bins roles as bin-n
8e022ee
lukpueh pushed a commit that referenced this pull request Oct 10, 2019
Merge pull request #1 from mnm678:bins_offline
4d1e05c
@lukpueh
Copy link
Member

lukpueh commented Oct 10, 2019

Merged into master manually with 4d1e05c after resolving a conflict (4969aed --> b46c4c4).

@lukpueh lukpueh closed this Oct 10, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lukpueh lukpueh lukpueh requested changes

+1 more reviewer

@trishankatdatadog trishankatdatadog trishankatdatadog requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@mnm678 @JustinCappos @lukpueh @trishankatdatadog