
Proposal regarding Bruce's proposal.



Vincent Renardias:
> Regarding Bruce's proposal of having upstream maintainers sign their
> packages, here's a first proposal:
> It doesn't cover the problem completely, but I think it's a necessary
> first step.
> 
> As usual, feel free to comment/improve/... _(;

Unfortunately, security protocol design (which is what you are doing)
is seriously non-trivial.

I'm sorry to say that your proposal has serious flaws; for example, it
makes no provision for checking the integrity of the upstream
maintainer's public key.

I strongly suggest that you leave this kind of thing to someone with
more experience of such things.  Crypto and security stuff is _very_
easy to get wrong in a way that's not obvious - after all, if you
write an ordinary bug in your code users will complain, but no one
complains about security problems until the horse has bolted.

Ian.

