
Re: Bug#93612: Support for new archive structure



On Sat, 14 Apr 2001, J.A. Bezemer wrote:

> > b) Use verbatim package files and call them 'Packages.something'
> >   - Everyone can make CD set, and we still have end-to-end security
> >   - apt file:/../ does not work properly on those discs 

> e) The Packages of the FTP archive is copied verbatim to CD as
>    Packages.complete

That's b)

>    - apt file:/../ works properly on those discs 

Nope, Packages fails verification and APT will stop without using the
file, ditto for ftp, http, etc. You'll have to fiddle around and switch it
off via some-means-not-yet-determined.

Doing what you described, but swapping the names around is best. Then the
name in the release file matches the name in the filesystem and you can
get authentication with very little hassle. Use an APT line like:

deb-partial ftp:/..../ ...

For instance.

I *really* don't like that we suddenly have to start special casing all
the tools that work with the Release file to work on CDs, that's really
lame. (see below)

> And lastly, anyone with hostile intentions can easily make/ship a CD which
> contains a modified apt that doesn't check signatures at all. End-to-end

There is a fairly direct means to validate the CD against the web-of-trust
and against the internet (i.e. ftp.debian.org) and plausibly via trust
through verisign/etc if we get a certificate. (Yet another reason we
mustn't resign the files)

Jason
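To illustrate the naming point made in the message above (a Release file lists files by path, so a verbatim copy shipped under another name such as Packages.complete is simply unlisted and cannot be verified, while keeping the archive's name on disc verifies with no special casing), here is an added Python example that is not from the thread or from APT. The Release layout, file contents and the `verify` function are constructed stand-ins for APT's check, using a SHA256 section rather than the MD5Sum section of the period.

```python
import hashlib

# Constructed sample Packages content; the Release entry below is
# computed from it, so nothing here is a real archive value.
PACKAGES_CONTENT = b"Package: foo\nVersion: 1.0\n\n"


def make_release(entries):
    """Build a minimal Release body with a SHA256 section from (path, data) pairs."""
    lines = ["Suite: stable", "SHA256:"]
    for path, data in entries:
        lines.append(f" {hashlib.sha256(data).hexdigest()} {len(data)} {path}")
    return "\n".join(lines) + "\n"


def parse_release(text):
    """Return {path: (sha256 hex, size)} from the SHA256: section of a Release file."""
    index = {}
    in_section = False
    for line in text.splitlines():
        if not line.startswith(" "):
            # Non-indented lines are header fields or section names.
            in_section = line.rstrip(":") == "SHA256"
            continue
        if in_section:
            digest, size, path = line.split()
            index[path] = (digest, int(size))
    return index


def verify(release_text, path, data):
    """Check a file under the name it carries on the medium against the Release index.

    Returns 'ok', 'unlisted' (no Release entry for that name) or 'mismatch'
    (entry exists but size or digest differ). An unlisted file cannot be
    authenticated at all, however faithful a copy its contents are.
    """
    index = parse_release(release_text)
    if path not in index:
        return "unlisted"
    digest, size = index[path]
    if size != len(data) or hashlib.sha256(data).hexdigest() != digest:
        return "mismatch"
    return "ok"


if __name__ == "__main__":
    release = make_release([("main/binary-i386/Packages", PACKAGES_CONTENT)])
    for name in ("main/binary-i386/Packages", "main/binary-i386/Packages.complete"):
        print(name, "->", verify(release, name, PACKAGES_CONTENT))
```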
