Re: [RFH] The need for signed packages and signed Releases (long, long)
Florian Weimer <firstname.lastname@example.org> writes:
> Andrew Suffield <email@example.com> writes:
> > To be decently secure, you need the target system to refuse to accept
> > packages that don't have an acceptable trust path.
> Have you actually tried to determine whom and which machines you have
> to trust implicitly when trusting a particular Debian package? I
> guess this gets really messy pretty soon.
I trust auric. But I don't trust that the DNS servers will give me
the correct IP address for it. Hrm.
Fortunately, there is a partial solution: signatures and signature
checking on packages. And golly gee, it looks like that one is going
to happen, for which I'm quite grateful.