
Re: Facilitating external repositories



On Mon, Jun 08, 2015 at 09:12:51AM +0200, Tollef Fog Heen wrote:
> ]] Wouter Verhelst 
> 
> > Having said that, I do agree with you that we should not allow just
> > about anyone to create a repository which will be automatically trusted
> > by the whole Debian system. Establishing such a trust chain should,
> > indeed, require some vetting by at least one Debian Developer, so that
> > malicious packages can be rejected, if needs be.
> 
> I've always been a bit unhappy about the idea of using keys to decide
> which repositories are trusted or not.  The signature is there primarily
> to act as an anti-MITM tool.  This is a bit similar (or maybe
> equivalent) to the difference between authentication and authorization
> for access control.

What would you suggest instead?

-- 
It is easy to love a country that is famous for chocolate and beer

  -- Barack Obama, speaking in Brussels, Belgium, 2014-03-26

