Re: Bits from the CD team: plans for debian-cd v3.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Steve McIntyre wrote:
| On Fri, Jul 15, 2005 at 10:41:22AM +1200, Philip Charles wrote:
|>On Thu, 14 Jul 2005, Steve McIntyre wrote:
|>
|>> Yes, this is a thorny area. I'm a little concerned - if we've gone to
|>> all the effort of adding signatures to the main archive, then it does
|>> seem to be ducking the problem to just trust all CDs. Allowing CDDs
|>> and redistributors to add new signatures as well should boost the
|>> security of the whole chain to the end user, too.
|>>
|>> Maybe I'm being paranoid, but it wouldn't be too hard to get a lot of
|>> users to to blindly install bad packages (e.g. from a trojanned cover
|>> disc).
|>
|>There was a similar argument some years back. On one side there was
|>customizable CDs, the other a rock solid security chain. What emerged
|>from the discussion was that a suprising number of people produced their
|>own disc sets for a variety of reasons. So customisable disc sets won
|>out. I would imagine that this would still be the situation today.
|
| People were a little less worried about security then, and the normal
| Debian base system did not support the security stuff we now have. I'd
| be curious to see if the balance of opinion has shifted the other way
| by now.
Um...maybe I'm dense, but everyone seems to be talking like there would only
be one trusted key (apparently compiled into apt) which is what makes custom
CDs a problem.
What's wrong with having a configurable set of trusted keys? Then users
could choose to trust official debian CDs/packages, stuff from their
favorite back-ports webiste, or whatever.
- --
Charles Steinkuehler
charles@steinkuehler.net
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFC15+zLywbqEHdNFwRAjukAKCs4awnmwa1rG8qDlsV1V3slJbc4gCfT4BM
RrjWP4kVUBJHt5jBHP8fFIo=
=KOdO
-----END PGP SIGNATURE-----
Reply to: