
Re: Debian images on Microsoft Azure cloud



Without any official hat, I agree with Md that the changes to the
installed packages seem reasonable, as sparse as possible, and driven
by technological necessity.

I would like to see an official list of packages and checksums
(ideally both SHA-512 and SHA3-512 as compute & storage are cheap and
using two families increases resilience significantly) & size of the
base image and all files in the base install, sent to list and signed
by a DD, though. Putting said base image and signed list into a place
where DSA can safeguard it long-term would be the cherry on top.
This seems to be reasonable in terms of actual effort and could help
establish a baseline for a published list of known-good system states.

It's also a request which we could reasonably extend to everyone
interested in publishing their images on the respective platforms,
both retroactively and going forward.


Richard
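
One way to produce and check the kind of per-file list requested above, as an added example that is not part of the original mail or any Debian tooling: it records size, SHA-512 and SHA3-512 for every regular file under a directory and reports any deviation from that baseline. The function names, the manifest layout and the sample tree are assumptions constructed for illustration; the package list and the signature by a DD are not shown.

```python
import hashlib, os, tempfile
from pathlib import Path

def file_record(path, chunk=1 << 20):
    """Size plus SHA-512 and SHA3-512 of one file, computed in a single pass."""
    h2, h3, size = hashlib.sha512(), hashlib.sha3_512(), 0
    with open(path, "rb") as f:
        while block := f.read(chunk):
            h2.update(block)
            h3.update(block)
            size += len(block)
    return {"size": size, "sha512": h2.hexdigest(), "sha3_512": h3.hexdigest()}

def build_manifest(root):
    """Map the relative path of each regular file under root to its record."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if os.path.isfile(full) and not os.path.islink(full):  # regular files only
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                manifest[rel] = file_record(full)
    return manifest

def verify(root, manifest):
    """Return (path, problem) pairs; an empty list means the tree matches."""
    current, problems = build_manifest(root), []
    for path in sorted(set(manifest) | set(current)):
        if path not in current:
            problems.append((path, "missing"))
        elif path not in manifest:
            problems.append((path, "unexpected"))
        else:
            for field in ("size", "sha512", "sha3_512"):
                if manifest[path][field] != current[path][field]:
                    problems.append((path, field + " mismatch"))
    return problems

def demo():
    """Constructed sample tree: record a baseline, tamper with it, re-verify."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "etc"))
        Path(root, "etc/hostname").write_bytes(b"debian\n")
        Path(root, "vmlinuz").write_bytes(b"\x00" * 4096)
        baseline = build_manifest(root)
        clean = verify(root, baseline)
        Path(root, "etc/hostname").write_bytes(b"debiam\n")  # same size, new content
        Path(root, "extra").write_bytes(b"x")                 # file not in baseline
        return baseline, clean, verify(root, baseline)
```

A same-size modification is caught only by the digests, which is why the size field alone is not sufficient as a check.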

