Document how to keep the members of the groups up-to-date (#15604)

1a7564b1 · sajolida · 36be0833 · 1a7564b1
Commit 1a7564b1 authored Jun 22, 2019 by sajolida
--- a/wiki/src/doc/about/openpgp_keys/signing_key_revocation.mdwn
+++ b/wiki/src/doc/about/openpgp_keys/signing_key_revocation.mdwn
@@ -104,6 +104,8 @@ There is no expiry date on revocation certificates. One way of
 cancelling the revocation power is to destroy all copies of shares of 2
 groups amongst B, C, or D.

+<a id="invitation"></a>
+
 Invitation email
 ================

@@ -236,3 +238,80 @@ to the mailing list.

 Thanks, and may the force be with you!
 </pre>
+
+Keeping the members of the groups B, C, and D up-to-date
+========================================================
+
+At least every 2 years, we make sure that the mechanism still works:
+
+1. We review internally the list of members of each group and decide
+   possible additions and removals from each group.
+
+1. We write to the list to ask all members to check that they still have
+   their share and the number in the file name.
+
+<pre>
+Subject: update
+
+Hi,
+
+Some years ago, you agreed to be part of a distributed mechanism for the
+revocation certificate of the Tails signing key and we sent you a
+cryptographic share of this revocation certificate.
+
+Today, we are asking each of you to:
+
+1. Verify that this email is signed by the Tails signing key.
+
+2. Confirm whether you still have in your possession:
+
+   - Your share of the revocation certificate.
+
+     The file was named tails-signing-key-revocation-cert.asc.NNN, where
+     NNN is a 3 digit number.
+
+   - The number NNN in the file name of your share.
+
+/!\ Please confirm us on tails@boum.org and not on this list. /!\
+
+For the record, the address of the mailing list that you should write to
+in case you want to assemble the revocation certificate is:
+
+    address@example.org
+
+We are also copying below a summary of the mechanism.
+
+XXX: Copy the invitation email:
+XXX: - Include "You can read a complete description of the distribution mechanism on:"
+XXX: - Stop before "So, can we count on you for this?"
+</pre>
+
+### To add new members
+
+1. Send the [[invitation email|signing_key_revocation#invitation]] to
+   the new member.
+
+1. If they agree, ask someone else from the same group to send them
+   their key.
+
+   This reveals some membership to other people but it's all-right since
+   they have the same share.
+
+1. Ask the new member to confirm the reception of their share.
+
+<pre>
+Subject: sharing
+
+Hi,
+
+We asked someone else from your group to send you a copy of your share.
+
+Please tell us once you receive it.
+
+The address of the mailing list that you should write to in case you
+want to assemble the revocation certificate is:
+
+    address@example.org
+
+Thanks, and may the force be with you!
+</pre>