IRC log of #maemo-ssu for Thursday, 2013-01-24

*** Martix_ has quit IRC		00:16
*** MrPingu has quit IRC		00:27
*** luf has quit IRC		00:40
*** _rd has quit IRC		00:53
*** jon_y has quit IRC		01:03
*** wumpwoast has quit IRC		01:09
*** wumpwoast has joined #maemo-ssu		01:10
*** andre__ has quit IRC		01:16
*** andre__ has joined #maemo-ssu		01:31
*** jonwil has joined #maemo-ssu		02:10
*** arcean has quit IRC		02:14
*** joshgillies has joined #maemo-ssu		02:31
*** andre__ has quit IRC		02:39
*** andre__ has joined #maemo-ssu		02:56
*** Pali has quit IRC		03:19
*** Skry has quit IRC		03:26
*** M4rtinK has quit IRC		03:42
*** Skry has joined #maemo-ssu		03:50
*** kolp_ has joined #maemo-ssu		04:04
*** kolp has quit IRC		04:06
*** jon_y has joined #maemo-ssu		04:08
*** amiconn_ has joined #maemo-ssu		05:27
*** amiconn has quit IRC		05:27
*** amiconn_ is now known as amiconn		05:27
*** kolp_ has quit IRC		05:56
*** Mihanizat0r has quit IRC		06:03
*** DocScrutinizer05 has quit IRC		06:03
*** DocScrutinizer05 has joined #maemo-ssu		06:03
*** Mihanizat0r has joined #maemo-ssu		06:45
*** jonwil has quit IRC		08:25
*** _xnt14 has quit IRC		08:37
*** _xnt14 has joined #maemo-ssu		08:39
*** jaded has quit IRC		08:44
*** _xnt14 has quit IRC		08:46
*** _xnt14 has joined #maemo-ssu		08:51
*** joshgillies has quit IRC		08:53
*** Martix_ has joined #maemo-ssu		11:00
*** Pali has joined #maemo-ssu		11:37
*** Martix_ has quit IRC		11:41
*** lizardo has joined #maemo-ssu		12:27
*** kolp has joined #maemo-ssu		12:27
*** arcean has joined #maemo-ssu		12:48
*** Milhouse has quit IRC		12:50
*** Milhouse has joined #maemo-ssu		13:06
DocScrutinizer05	[2013-01-24 12:11:42] <Pali> DocScrutinizer05, nokia should not change gpg key on their repository	13:13
DocScrutinizer05	[2013-01-24 12:11:49] <Pali> it can be bigger problem	13:13
DocScrutinizer05	[2013-01-24 12:11:57] <DocScrutinizer05> please discuss it with other guys, I don't want to send Nokia incomplete info	13:13
DocScrutinizer05	[2013-01-24 12:11:59] <freemangordon> Pali: why?	13:13
DocScrutinizer05	[2013-01-24 12:12:12] <DocScrutinizer05> can we move that to ssu chan please?	13:13
DocScrutinizer05	[2013-01-24 12:12:19] <Pali> freemangordon, because updating HAM config file is hard	13:13
DocScrutinizer05	[2013-01-24 12:12:39] <Pali> but in HAM are no expiration dates	13:13
DocScrutinizer05	[2013-01-24 12:12:47] <DocScrutinizer05> can we move that to ssu chan please?	13:13
DocScrutinizer05	[2013-01-24 12:12:47] <freemangordon> Pali: we have a non-expired key on the devices, why resigning the repo with it should bring problems?	13:13
DocScrutinizer05	[2013-01-24 12:12:49] <Pali> only fingerptints of gpg keys	13:13
Pali	each gpg key in HAM is associated with some apt repo	13:14
Pali	and extras gpg key is for extras repository	13:14
freemangordon	Pali: "MaemoSW Admin <admin@maemo.research.nokia.com>" is the key we talk about	13:14
Pali	no	13:14
freemangordon	yes	13:14
Pali	that key not used	13:14
*** Mihanizat0r has quit IRC		13:14
freemangordon	it is not used now	13:14
Pali	Nokia repository signing key 4v2	13:15
freemangordon	but why it can't be used?	13:15
freemangordon	I know	13:15
DocScrutinizer05	could it get used?	13:15
Pali	freemangordon, because that key is not in HAM	13:15
DocScrutinizer05	hah!	13:15
Pali	you can use it, if you update HAM deb package	13:15
merlin1991	Pali: it is	13:15
Pali	really?	13:16
Pali	I can look at that deb package	13:16
merlin1991	its the D2272FB7...4510B055 key	13:17
merlin1991	Pali: the only repo not covered by the key is extras	13:17
kerio	and extras doesn't have a problem, yet	13:18
merlin1991	ovi, nokia-system and nokia-certified domains all have that key (even as first)	13:18
kerio	the question is, does nokia have that private key?	13:19
Pali	look here: http://pastebin.com/vePUvER7	13:19
Pali	keys stored in ./usr/share/hildon-application-manager/keys/variant-keys.gpg	13:20
Pali	in package hildon-application-manager-settings-standard_16+0+0m5_all.deb	13:20
Pali	there is no "MaemoSW Admin <admin@maemo.research.nokia.com>"	13:20
Pali	key	13:20
merlin1991	oh ffs sake, it's in /usr/share/hildon-aplication.manager/domains/variant-domains.xexp but not in the gpg file	13:21
merlin1991	jesus	13:21
merlin1991	because the fingerprint is in the domain file :/	13:21
* merlin1991 slaps nokia		13:21
Pali	here is domain file: http://pastebin.com/ATH23z9Y	13:21
Pali	./usr/share/hildon-application-manager/domains/variant-domains.xexp from package hildon-application-manager-settings-standard_16+0+0m5_all.deb	13:22
merlin1991	<key>D2272FB7FD2F9633EC90DF4A34385C4D4510B055</key> that's the key	13:22
merlin1991	but the gpg does not contain it, silly nokia	13:22
freemangordon	so, the only thing that could work is fmtx-enabler?	13:24
merlin1991	basically anything in extras that installs another set of keys	13:25
merlin1991	(together with domain info, ...)	13:25
Pali	so better is to not change key	13:26
DocScrutinizer05	sorry for spamming...	13:26
DocScrutinizer05	If I may, one additional question: As GPG supports expiration date	13:26
DocScrutinizer05	extension, is it possible to just update the GPG key expiration date in	13:26
DocScrutinizer05	the N900 device as well?	13:26
DocScrutinizer05	In other words, if we'd update the key in the Akamai/SSU end (this is	13:26
DocScrutinizer05	already done), and then we'd update the key in the N900 device, would	13:26
DocScrutinizer05	that still keep the trust chain intact so stuff could be downloaded to	13:26
DocScrutinizer05	the device from the SSU?	13:26
DocScrutinizer05	All the best,	13:26
DocScrutinizer05	-Matti	13:26
Pali	GPG expiration date can be changed by adding new signature to main gpg key	13:26
Pali	so you need to import new signature to gpg keyring	13:27
*** M4rtinK has joined #maemo-ssu		13:27
Pali	signature can create only owner of private key	13:27
DocScrutinizer05	yes, so we're again back to "deploy a key update via extras, or by other means"	13:28
Pali	so I think that Nokia do not need to update apt signatures on ssu server	13:28
DocScrutinizer05	"or reflash"	13:28
Pali	nokia only need to publish new signature	13:28
Pali	and we need to import it into n900	13:29
Pali	DocScrutinizer05, yes reflash or user input will be always needed	13:30
Pali	I wrote that in mail too	13:30
DocScrutinizer05	yes, I know, and I agree	13:31
Pali	this is reason why update via PCSuite should be	13:31
DocScrutinizer05	even with this	13:31
*** jonwil has joined #maemo-ssu		13:31
kerio	hold on	13:31
DocScrutinizer05	your arguments why we should do PCsuite reflash are better than mine why we shouldn't	13:32
kerio	maemosw admin is checked by apt and ham	13:32
kerio	and the key is in /usr/share/keychains or something	13:32
kerio	hm, now i actually don't know if HAM will accept that	13:32
Pali	kerio, that key is not in HAM	13:33
Pali	read irc log	13:33
Pali	and pastebin	13:33
kerio	Pali: apt-key list	13:34
jonwil	so basically we are stuck with no way to push anything to N900s to solve this key mess?	13:34
Pali	kerio, key is missing in /usr/share/hildon-application-manager/keys	13:34
DocScrutinizer05	(irclog) I mailed >> http://mg.pov.lt/maemo-ssu-irclog/%23maemo-ssu.2013-01-24.log.html#t2013-01-24T13:13:24 << to Nokia	13:34
freemangordon	can't we try it? i.e. remove CSSU-testing-testing key from HAM (whatever that means) and push an update to cssu-testing-testing	13:34
kerio	Pali: is that the only directory that's checked?	13:34
Pali	kerio, I do not know	13:34
kerio	(i can't, for the life of me, figure out where's the source to apt-worker)	13:34
Pali	HAM is really really **** SW	13:34
kerio	oh, here it is	13:35
freemangordon	(on a CSSU device that is)	13:35
freemangordon	Pali, merlin1991: ^^^ ?	13:35
kerio	there's no mention of gnupg in the apt-worker file	13:36
kerio	there's a bunch of apt-pkg	13:36
jonwil	ok, so if apt-key (which is a shell script) displays the MaemoSW Admin key, it should be possible to read apt-key script and find out where it gets that key from	13:36
kerio	so maybe it uses the key checking mechanism of apt	13:36
kerio	jonwil: it's stored in /etc/apt/trusted.gpg	13:36
freemangordon	I guess HAM could just issue a warning, instead of refusing to ise the repo	13:36
kerio	but it's actually in the maemointernal-keyring package	13:36
freemangordon	*use	13:36
kerio	maemointernal-keyring - The keys for apt-secure for maemo.research.nokia.com.	13:37
jonwil	ok, so the 2 questions we have are firstly whether HAM would accept the core repos again if the right files were signed with the MaemoSW Admin key and secondly whether Nokia has the private half of that key or not	13:37
kerio	jonwil: yep	13:38
jonwil	ok, so has someone asked Nokia if they do in fact have the private half of that key anywhere?	13:38
DocScrutinizer05	jonwil: why shall we ask them?	13:38
kerio	if i'm reading this correctly, apt-worker is using debReleaseIndex	13:39
kerio	DocScrutinizer05: because if they do, their effort will be "use a different key for the repo"	13:39
kerio	which is trivial	13:39
jonwil	If they can sign the official repos with that MaemoSW Admin key, that should make them work again and they dont need to do anything more	13:40
DocScrutinizer05	if that's feasible then they will check if they have access to that key. If it doesn't work, like Pali claims, there's no use in searching each drawer of a 10k+ company for the private key	13:40
DocScrutinizer05	simple as that	13:40
DocScrutinizer05	for us it doesn't make any difference	13:40
jonwil	ok, question, will HAM work if the repository has no signature at all?	13:41
jonwil	I dont know how HAM and APT works on that score	13:41
DocScrutinizer05	sigh	13:41
* jonwil assumes he should have read the chanlog first :P		13:41
DocScrutinizer05	Pali: could you pastebin your mail please?	13:41
DocScrutinizer05	it been the best answer so far	13:42
freemangordon	merlin1991: could you test what I proposed ^^^?	13:42
jonwil	btw, I am still getting nowhere with the GPRS stuff I was working on :(	13:43
kerio	Pali: i think that apt-worker uses apt's verification	13:43
freemangordon	that test will make it clear if it makes sense for Nokia to search the drawers	13:43
kerio	the test will only make sense if there's no .gpg file for that key in /usr/share/hildon-application-manager/keys but the key is still in trusted.gpg	13:44
Pali	mails: http://pastebin.com/r73YzXDh	13:44
freemangordon	sure	13:44
freemangordon	kerio: the same situation, but with a different repo we have the control on	13:45
Pali	so maemo intrnal gpg key is in apt keyring (added in postinst script) and fingerprint is in HAM domain file	13:45
Pali	only gpg key is missing in HAM keys dir	13:46
Pali	so ask nokia if has private key of that maemo internal	13:46
Pali	and ask if can create some testing repository	13:46
Pali	and sign it	13:46
freemangordon	Pali: we have that, no need to ask nokia	13:46
Pali	then we can test if key is accpted by nokia	13:47
Pali	freemangordon, how?	13:47
freemangordon	by using CSSU repos	13:47
freemangordon	remove CSSU-devel gpg key from HAM	13:47
Pali	note that cssu gpg key is in HAM key dir	13:47
freemangordon	and push some test package in -devel	13:47
Pali	ah, ok	13:47
freemangordon	:)	13:48
Pali	ok, remove directory /usr/share/hildon-application-manager/keys (backup it)	13:48
Pali	and test	13:48
Pali	what you can	13:48
Pali	downgrade package	13:48
Pali	remove dir	13:48
Pali	and try to update via HAM	13:48
Pali	you need to downgrade metapackage which is visible in HAM	13:49
freemangordon	who will do that?	13:49
* freemangordon is not ia a mood right now as he had an accident yesterday :(		13:49
DocScrutinizer05	freemangordon: hope you're ok	13:51
freemangordon	so-so :)	13:51
DocScrutinizer05	get well soon, pal	13:51
freemangordon	some sew work on my head, otherwise I am fine	13:51
DocScrutinizer05	Pali: you got mail?	14:35
Pali	yes I got it	14:37
DocScrutinizer05	please keep me on CC but don't expect me to do further moderation if not needed (IOW I'd like to keep this running on own feet, dedicating my time to some other issue) Do you think this will fly?	14:39
DocScrutinizer05	Pali: also please check back with your peers here, to confirm your statements you send to them	14:42
Pali	I'm going to check with cssu-testing if key must be in ham dir	14:42
Pali	if not, then we can ask if nokia has that internal private key...	14:43
DocScrutinizer05	great! freemangordon at least will love to hear about the results as well	14:43
DocScrutinizer05	Pali: please understand that these guys are external, and Nokia is a huge company. It might get difficult to even find out what's possible or not	14:44
Pali	I understand	14:45
Pali	but this solution can be ideal	14:45
Pali	no need to update n900 device, no need to change repository	14:45
Pali	only generate new file Release.gpg	14:45
DocScrutinizer05	sure, so if it's confirmed to work, it's for sure worth the effort to try and find that key	14:45
Pali	nothing more	14:45
Pali	aaaah I cannot downgrade :-( 21.2011.38-1Tmaemo7.2 is slow/not working...	14:46
Pali	repository.maemo.org	14:46
DocScrutinizer05	shit	14:47
Pali	I need some cssu-testing mirror	14:47
jonwil	Do we know if anything requires that the repository be signed? (was this discussed earlier?)	14:47
Pali	I belive that this will work: http://maemo.merlin1991.at/apt-mirror/community-testing/pool/fremantle/free/m/mp-fremantle-community-pr/	14:47
DocScrutinizer05	yes, it is all been discussed	14:47
jonwil	ok	14:47
jonwil	so it does have to be signed?	14:48
DocScrutinizer05	please read Pali's mail he pastebin'ed	14:48
DocScrutinizer05	or read that wiki page	14:48
Pali	jonwil, we should have signed repositories	14:48
jonwil	ok, well if re-signing the files with the MaemoSW Admin key will work, we should definatly pursue that angle as its the best solution IMO	14:50
jonwil	otherwise it seems like the "plan B" is to push updates to anyone who has CSSU or can update via PC-Suite (or who finds out about the update and can manually install it)	14:52
jonwil	which if its the only option seems like a good one :)	14:53
jonwil	in any case I will continue to look into what I can (and cat) reverse engineer (so far, all my attempts to try and reverse engineer the GPRS bits have come up with nothing useful)	14:55
*** _xnt14 has quit IRC		15:03
*** LaoLang_cool has joined #maemo-ssu		15:06
Pali	DocScrutinizer05, it is possible to update CSSUT without gpg keys in ham dir /usr/share/hildon-application-manager/keys/	15:08
Pali	now I started updating	15:08
jonwil	Pali, is that good news or not?	15:08
Pali	(btw Maemo-Upgrade-Description: really replace Description: in package list - not in details)	15:09
Pali	I will fix this in cssu metapackage	15:09
Pali	jonwil, it is good news	15:09
jonwil	ok	15:09
Pali	if nokia find somewhere that internal repo private key, they can fix ssu without any user interaction	15:10
jonwil	great	15:10
jonwil	Someone needs to mail nokia then...	15:10
jonwil	:)	15:10
Pali	they only need to find that key and regenerate Release.gpg file	15:10
Pali	notthing more	15:10
jonwil	yeah	15:10
jonwil	seems easy enough if they still have that key somewhere	15:10
jonwil	if not, we move to plan B, whatever that ends up being :)	15:11
Pali	DocScrutinizer05, I will ask in that email tread	15:11
DocScrutinizer05	that's why they sent you that mail - to answer their question and help with further suggestions	15:14
*** freemangordon_ has joined #maemo-ssu		15:14
freemangordon_	Pali: is ham in cssu the same as stock re gpg keys?	15:15
Pali	freemangordon_ yes it should be	15:16
freemangordon_	Ok. Great news :-)	15:17
*** M4rtinK2 has joined #maemo-ssu		15:22
*** M4rtinK2 has quit IRC		15:22
*** M4rtinK has quit IRC		15:25
*** M4rtinK has joined #maemo-ssu		15:33
merlin1991	freemangordon_: the ham gpg keys come from a different package	15:34
freemangordon	merlin1991: so?	15:34
freemangordon	I guess once we have the repos back, Nokia can push an update ti fix that in a proper way	15:35
merlin1991	we can patch the ham binary a billion times without touching the keys .)	15:35
freemangordon	*to	15:35
freemangordon	merlin1991: we can't, as we don't have a tool to push anything on non-cssu device :)	15:36
freemangordon	Or I am missing your idea?	15:36
merlin1991	your totally missing the base of my statement :D	15:37
merlin1991	I meant to say that key wise cssu is identical to stock maemo, it only adds keys in other places	15:37
freemangordon	sorry, I am and will be stupid for a couple of days, would you elaborate? (toldya I had an accident and my head was hit ;) )	15:39
freemangordon	merlin1991: aah, got it now :D. That is why I asked someone (and pali did) to remove CSSU gpg kay from HAM and to see what will happen	15:48
freemangordon	*key	15:48
* freemangordon wonders why HAM has gpg keys if they are not used		15:53
*** freemangordon_ has left #maemo-ssu		15:57
kerio	freemangordon: what have you checked, btw?	15:57
kerio	HAM will refresh the repos correctly, it'll just refuse to consider the package as a system package	15:57
freemangordon	me? nothing, it was Pali	15:57
kerio	Pali: same question	15:58
Pali	freemangordon, I looked into HAM source and I did not found any code which touching "keys" folder	15:58
freemangordon	kerio: BTW read the backscroll	15:58
Pali	so I think that folder is only for sotrage of keys	15:58
kerio	i did, it's just not clear enough	15:58
Pali	and in postinst they are imported into apt keyring	15:58
kerio	Pali: yay	15:59
kerio	so... what about using /usr/share/keyrings for community-ssu-enabler? :)	15:59
Pali	ubuntu using /usr/share/keyrings/ for its keys	15:59
kerio	debian too	15:59
freemangordon	kerio: AIUI Pali proved that if Nokia still keeps "SW Admin" key, we are back in the game	16:00
kerio	^_^	16:00
freemangordon	well, the repoas are :D	16:00
Pali	kerio, cssu path of keys are not irrelevant	16:00
kerio	Pali: exactly, so why not use the correct place?	16:00
Pali	kerio, because Maemo and HAM not using correct places too :D	16:00
kerio	just the nokia keys	16:00
kerio	which are irrelevant, except for the extras one	16:01
kerio	(and maemosw, ofc)	16:01
kerio	well, now let's just hope that the guys who asked for our help have the power and the will to look for the secret key	16:01
freemangordon	yep	16:01
kerio	what's maemo.research.nokia.com, btw?	16:02
kerio	or what was it?	16:02
kerio	what the hell, no screen on the repos	16:06
kerio	oh, it's in sdktools, isn't it	16:07
*** xes has joined #maemo-ssu		16:08
kerio	meh, tmux is better	16:08
Pali	merlin1991, freemangordon, DocScrutinizer05: GPG key for CSSU repositories will expire 2013-10-25	16:22
Pali	key is: pub 1024D/2E6D6F9A 2010-10-26 maemo.org community repositories (fremantle) <repositories@maemo.org>	16:22
Pali	sub 2048g/9F185A1A 2010-10-26 [expires: 2013-10-25]	16:22
freemangordon	Pali: well, there is a plenty of time to fix it	16:22
Pali	we should start discussion about it	16:23
freemangordon	once we have the infra back, yes	16:23
Pali	becase we need to release STABLE CSSU and make sure that everybody will update CSSU before that day	16:23
Pali	and that stable cssu must have updated GPG key	16:24
kerio	Pali: we could just fix HAM	16:24
kerio	well, we should do both	16:24
*** xes has quit IRC		16:25
kerio	Pali: actually, we can just (ab)use merlin1991's key	16:25
kerio	i'm sure he won't mind	16:25
Pali	I'm for deteting expiration date from that key	16:25
merlin1991	kerio: not for stable/ testing	16:25
kerio	merlin1991: pleeeeeeeeeeeeeeeeeeeeeease	16:25
kerio	:3	16:25
merlin1991	the key is only valid for thumb	16:26
kerio	Pali: +1, actually	16:26
Pali	merlin key is without expiraion date	16:26
kerio	merlin1991: nope	16:26
kerio	<name>community</name>	16:26
kerio	<key>3EF6EE85773B629FB2516B795D0E7C4F2E6D6F9A</key>	16:26
kerio	<key>3BF3A043AE1A872CBCE84314144B83D58239FA6E</key>	16:26
Pali	now from cssu domain file I see that we can exchange merlin and "maemo.org community repositories (fremantle)" key	16:27
Pali	so the worse situation will be to include merlin private key to repository.maemo.org server for signing...	16:27
kerio	Pali: that's a kludge though	16:29
kerio	however, i agree that we can remove the key expiration date	16:30
Pali	so better is to update above key and include it in cssu ASAP	16:30
merlin1991	hm stable doesn't have the updated cssu enabler yet	16:31
kerio	merlin1991: so cssu stable users don't have any problem with the nokia repo, hah	16:31
kerio	in fact, anyone who passed through the old cssu-enabler doesn't have problems, aiui	16:32
merlin1991	kerio: nope cssu-stable users don't have my key on their device	16:32
Pali	what about pushing cssu enabler to extras (when autobuilder start working)?	16:32
*** xes has joined #maemo-ssu		16:32
*** xes has joined #maemo-ssu		16:32
kerio	because the domain information is discarded if you disable the domain check, or something like that	16:32
merlin1991	yep	16:32
merlin1991	cssu-stable users simply ignore domains	16:32
kerio	merlin1991: yeah but even reenabling the check will only set the information for new packages that get upgraded	16:33
kerio	anyway, can we just disable HAM's domain bullshit?	16:33
kerio	do the equivalent of red-pill-ignore-wrong-domains 0	16:33
merlin1991	well check what the old cssu-enabler does to apt-worker	16:34
merlin1991	it's that easy :D	16:34
kerio	merlin1991: that's a kludge	16:34
kerio	Pali: debian's key for wheezy expires in 2019	16:35
Pali	I'm for deleting expire date	16:36
*** LaoLang_cool has quit IRC		16:36
kerio	Pali: what if the key gets leaked and someone does a MITM attack on rmo?	16:36
Pali	In 2019 maybe nobody will remember how to extend expiration...	16:36
kerio	...it could happen!	16:36
Pali	kerio, and what happen if we have set expiration?	16:37
freemangordon	nothing :D	16:37
kerio	well, they'll only be able to do the attack until the key expires!	16:37
Pali	for sure MITM attack will not happen day before expiration	16:37
Pali	one week for attack is enought...	16:38
kerio	i say that we steal merlin1991's key	16:38
kerio	:D	16:38
Pali	kerio, you need: still some key from zone and upload it to server from that zone	16:39
kerio	indeed	16:39
kerio	using merlin1991's key would mean that we don't have to do anything, though	16:39
Pali	so you need to hack nokia server and add here maemosw key :D	16:39
kerio	oh, not the nokia servers ofc	16:39
kerio	those MUST use "maemosw admin" at this point	16:39
Pali	or you need to hack maemo.org server, download maemo key, hack merlin server and add to merlin server maemo.org key	16:40
kerio	if they want to ship updates to current vanilla n900s that don't know about cssu	16:40
Pali	so if sombody hack servers, why on the earth he will hack another for MITM attack??	16:41
Pali	he can directly push hacked packages on hacked server...	16:41
kerio	not necessarily	16:41
kerio	send a couple of hookers to merlin1991's house	16:42
kerio	they "distract" him, you then enter and steal the key	16:42
merlin1991	:D	16:42
kerio	see? he'll be happy about it	16:42
kerio	merlin1991: nowhere i said that we'll pay the hookers enough for you to finish, though	16:43
merlin1991	bastard :D	16:44
kerio	Pali: do we have the secret key for the maemo community repo?	16:48
Pali	merlin has merlin key (I belive :-)	16:48
DocScrutinizer05	Pali: thanks for the mail! :-)	16:49
kerio	no, i mean 2E6D6F9A ("maemo.org community repositories (fremantle) <repositories@maemo.org>")	16:49
Pali	and key for community repo on repository.maemo.org must be on maemo.org because it signing Release file every update	16:49
Pali	so we need to ask maemo.org maintainer where is...	16:50
kerio	pushing the same key but without an expiration date would work fine i suppose	16:50
kerio	but are the keyservers going to complain?	16:50
Pali	how tou want to generate same key??	16:51
Pali	kerio, do you know how to hack RSA, DSA or Elgamal?	16:51
kerio	Pali: gpg --edit-key	16:52
kerio	and then "expire"	16:52
Pali	this generating new signature to key	16:52
kerio	but you need the secret key	16:52
kerio	of course :)	16:52
Pali	and you are exporting new signature to keyservers	16:52
kerio	yeah, but will they accept the new key, overwriting the old one?	16:52
kerio	it feels dirty	16:53
kerio	like editing the history in a dvcs after you've pushed it somewhere	16:53
Pali	keyserver accept any key, signature, ...	16:53
Pali	kerio, changing expiration is only creating new signarue	16:53
Pali	you are not overwrting key...	16:54
Pali	then you will see two (or more) signatures: one that key expires at XYZ and second (with newer timestamp) that key expiring at ABC (or never)	16:55
kerio	i see	16:55
Pali	when you downloading gpg key, you will download all subkeys and singatures	16:55
kerio	so the most recent one is the one that's downloaded from the keyserver?	16:55
Pali	and then you decide when key expire	16:55
Pali	kerio, yes	16:55
kerio	so there's no way to leave the keyservers in an "inconsistent" state, i see	16:56
Pali	and you never can delete anything pushed to keyserver	16:57
Pali	you can only create new signature which changing last state... (e.g. submit revocation)	16:58
Pali	freemangordon, now when kernel-power is ready we could start to use wiki for cssu kernel patches	17:20
Pali	but wiki is again not working :-(	17:21
*** toxaris has joined #maemo-ssu		18:03
*** jade has joined #maemo-ssu		18:15
*** iDont has joined #maemo-ssu		18:26
*** toxaris has quit IRC		19:16
*** dhbiker has quit IRC		19:31
*** jonwil has quit IRC		20:00
*** dhbiker has joined #maemo-ssu		20:07
*** arcean_ has joined #maemo-ssu		20:20
*** arcean has quit IRC		20:20
*** arcean_ is now known as arcean		20:20
*** Mihanizat0r has joined #maemo-ssu		20:53
*** Mihanizat0r has quit IRC		21:06
*** NIN101 has joined #maemo-ssu		21:20
*** luf has joined #maemo-ssu		21:25
*** lizardo has quit IRC		21:39
*** lizardo has joined #maemo-ssu		21:40
*** iDont has quit IRC		21:46
*** lizardo has quit IRC		21:52
*** lizardo has joined #maemo-ssu		21:52
*** futpib has joined #maemo-ssu		22:06
*** Martix_ has joined #maemo-ssu		22:10
*** luf has quit IRC		22:18
*** lizardo has quit IRC		23:00
*** arcean has quit IRC		23:20
*** arcean has joined #maemo-ssu		23:21
*** Estel_ has joined #maemo-ssu		23:24
*** Estel_ has quit IRC		23:24
*** Estel_ has joined #maemo-ssu		23:24
*** futpib has quit IRC		23:43
*** Estel_ has quit IRC		23:50

Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!