Adam H. Kerman wrote:
> Thomas Hochstein <
t...@inter.net> wrote:
>> Adam H. Kerman schrieb:
>>> Abandoned cron job left running are rather irritating.
>> Manual signing doesn't solve the problem ...
>
> Now you're changing the topic.
Oh, sorry. Perhaps we talk past each other.
My point was what I'd quoted in my first followup to Julien: the
problems around signing control messages with the upcoming changes in
GPG, and how to tackle that problems.
> If the hierarchy administrator is issuing
> these manually, then the hierarchy is still being actively administered.
> It's not abandoned.
Yes, of course.
> He's reachable and might be encouraged to implement
> a higher-security key.
And I was (and am) looking for the best way to do that - in a Usenet
that is shrinking and mostly stale.
>>> I disagree with the suggestion of just removing the keys.
>> A transition period will be necessary in any case, yes.
>
> Transition? You've been talking about exactly the opposite, that News
> administrators are expected to implement the latest applications, only,
> which won't support keys made in previous versions.
No, I am talking about the problem that we have - on the one hand -
old server installations that can only cope with the current, very old
keys, and that most probably won't be updated: those servers are left
over from the past and are "just running", so they will be rather
switched off than updated. And on the other hand we will - hopefully!
- have new installations with current versions of GnuPG that (some
day) can't cope with the old keys, but will require new keys. I'm not
sure they want to roll their old GnuPG installations.
So I'm looking for the best way to cope with that problem in the
future. For now we can just use the old keys - but that won't last.
> The problem you've been alluding to is that an older and newer version
> of GnuPG cannot both be running on the same host. Right?
I think it can, but it won't run "out of the box".
The problem is not the hierarchy maintainer - I can keep an older
version of GnuPG around -, but the "consumers" of the signed messages.
> But my point all along has been that there's no problem to solve unless
> and until a decent proponent known for discussing the topic proposes that a
> properly justified group be created. Old hierarchy administrator abandoned
> the hierarchy? Then a new one will just have to step forward. Otherwise
> the topic can be discussed in the *.misc or *.general group and the list
> of recognized newsgroups in that hierarchy will remain static.
I agree.
Sorry, I think I didn't make clear enough that I was discussing the
point Julien brought up in his followup (as that is something
bothering me, too), but not the question of "active" hierarchies.
(Which is another problem, but mostly one of missing participants, not
of missing checkgroups.)
-thh
--
/'\ --- JOIN NOW! ---
\ / ASCII ribbon campaign
X against HTML
/ \ in mail and news