Re: tag2upload (git-debpush) service architecture - draft

To: Ian Jackson <ijackson@chiark.greenend.org.uk>
Cc: "Rebecca N. Palmer" <rebecca_palmer@zoho.com>, debian-devel@lists.debian.org, ftpmaster@debian.org, debian-dak@lists.debian.org, Sean Whitton <spwhitton@spwhitton.name>
Subject: Re: tag2upload (git-debpush) service architecture - draft
From: Sam Hartman <hartmans@debian.org>
Date: Wed, 31 Jul 2019 15:21:32 -0400
Message-id: <[🔎] tsl5zni80xv.fsf@suchdamage.org>
In-reply-to: <[🔎] 20190731183134.pcjqmjjwzg6witoa@shell.thinkmo.de> (Bastian Blank's message of "Wed, 31 Jul 2019 20:31:34 +0200")
References: <[🔎] c565298c-ffae-4d45-d421-c15cd755072a@zoho.com> <[🔎] 1135ba05-c2dd-efc4-fcc5-94bc5f895a09@bzed.de> <[🔎] 8b38fd5f-b2c6-0745-d8ca-94686745f720@zoho.com> <[🔎] 23869.48339.192029.53108@chiark.greenend.org.uk> <[🔎] 1fea303b-96db-7cd6-5178-b9302d612b10@zoho.com> <[🔎] 20190730155437.cnsld27jqb2lgbbb@shell.thinkmo.de> <[🔎] 23873.48403.353433.835198@chiark.greenend.org.uk> <[🔎] 20190731183134.pcjqmjjwzg6witoa@shell.thinkmo.de>

>>>>> "Bastian" == Bastian Blank <waldi@debian.org> writes:

    Bastian> Hi Ian
    Bastian> On Wed, Jul 31, 2019 at 05:08:51PM +0100, Ian Jackson wrote:
    >> Bastian Blank writes ("Re: tag2upload (git-debpush) service
    >> architecture - draft"): > The hypothetical tool creates a
    >> complete .dsc file with the names and > checksums of the
    >> uncompressed files.  The user signed .dsc is put into > the tag.
    >> The point of the tag2upload exercise is to move the .dsc
    >> generation from the uploader's computer to a central service,
    >> because .dsc generation is complicated, slow, and inconvenient.
    >> So generating the .dsc on the user's system defeats the object of
    >> the exercise.

    Bastian> One last time: The user has to certify his upload in a way
    Bastian> the archive can verify.

Let me see if I'm correctly understanding this requirement.  You're
saying that given the dsc presented to dak by the tag2upload service,
dak needs to be able to verify the contents  of the DSC based on the
user's signature and no external data.

So, if the tag2upload service does some transformation to produce the
dsc:

1) dak needs to be able to verify the inputs to that transformation

and
2) confirm those inputs are certified back to a user signature.

Presumably this all needs to be doable using software we'd be
comfortable running as part of dak.

Have I understood your requirement?

--Sam

Reply to:

Follow-Ups:
- Re: tag2upload (git-debpush) service architecture - draft
  - From: Bastian Blank <waldi@debian.org>

References:
- Re: tag2upload (git-debpush) service architecture - draft
  - From: "Rebecca N. Palmer" <rebecca_palmer@zoho.com>
- Re: tag2upload (git-debpush) service architecture - draft
  - From: Bernd Zeimetz <bernd@bzed.de>
- Re: tag2upload (git-debpush) service architecture - draft
  - From: "Rebecca N. Palmer" <rebecca_palmer@zoho.com>
- Re: tag2upload (git-debpush) service architecture - draft
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: tag2upload (git-debpush) service architecture - draft
  - From: "Rebecca N. Palmer" <rebecca_palmer@zoho.com>
- Re: tag2upload (git-debpush) service architecture - draft
  - From: Bastian Blank <waldi@debian.org>
- Re: tag2upload (git-debpush) service architecture - draft
  - From: Ian Jackson <ijackson@chiark.greenend.org.uk>
- Re: tag2upload (git-debpush) service architecture - draft
  - From: Bastian Blank <waldi@debian.org>

Prev by Date: Re: tag2upload (git-debpush) service architecture - draft
Next by Date: Re: tag2upload (git-debpush) service architecture - draft
Previous by thread: Re: tag2upload (git-debpush) service architecture - draft
Next by thread: Re: tag2upload (git-debpush) service architecture - draft
Index(es):
- Date
- Thread